cybernews

Recorded data leak

Latest News


CVE-2025-39954 - clk: sunxi-ng: mp: Fix dual-divider clock rate readback

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-39955 - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().

syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0]

syzbot reused the server-side TCP Fast Open socket as a new client before the TFO socket completes 3WHS:

  1. accept()
  2. connect(AF_UNSPEC)
  3. connect() to another destination

As of accept(), sk->sk_state is TCP_SYN_RECV, and tcp_disconnect() changes it to TCP_CLOSE and makes connect() possible, which restarts timers.

Since tcp_disconnect() forgot to clear tcp_sk(sk)->fastopen_rsk, the retransmit timer triggered the warning and the intended packet was not retransmitted.

Let's call reqsk_fastopen_remove() in tcp_disconnect().

[0]: WARNING: CPU: 2 PID: 0 at net/ipv4/tcp_timer.c:542 tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7))

Severity: 0.0 | NA

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-39956 - igc: don't fail igc_probe() on LED setup error

  $FAILSLAB_PATH/require-start
  echo $END_ADDR > $FAILSLAB_PATH/require-end
  echo 1 > $FAILSLAB_PATH/times
  echo 100 > $FAILSLAB_PATH/probability
  echo N > $FAILSLAB_PATH/ignore-gfp-wait
  echo $DEVICE > /sys/bus/pci/drivers/igc/bind

Severity: 0.0 | NA

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-39957 - wifi: mac80211: increase scan_ies_len for S1G

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-39958 - iommu/s390: Make attach succeed when the device was surprise removed

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-39959 - ASoC: amd: acp: Fix incorrect retrival of acp_chip_info

parent) instead of dev_get_platdata(dev) to correctly obtain acp_chip_info members in the acp I2S driver. Previously, some members were not updated properly due to incorrect data access, which could potentially lead to null pointer dereferences. This issue was missed in the earlier commit ("ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot"), which only addressed set_tdm_slot(). This change ensures that all relevant functions correctly retrieve acp_chip_info, preventing further null pointer dereference issues.

Severity: 0.0 | NA

Thu, 09 Oct 2025 09:47:00 GMT

CVE-2025-10862 - Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.3 - Unauthenticated SQL Injection via 'id'

Thu, 09 Oct 2025 09:15:00 GMT

CVE-2025-11522 - Search & Go - Directory WordPress Theme <= 2.7 - Authentication Bypass to Privilege Escalation via Account Takeover

Thu, 09 Oct 2025 08:15:00 GMT

CVE-2025-11539 - Arbitrary Code Execution in Grafana Image Renderer Plugin

Thu, 09 Oct 2025 08:15:00 GMT

CVE-2025-7526 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming

Thu, 09 Oct 2025 06:15:00 GMT

CVE-2025-7634 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion

Thu, 09 Oct 2025 06:15:00 GMT

CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27054 - Out-of-bounds Write in Display

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47340 - Out-of-bounds Write in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47342 - Use After Free in BT Controller

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47351 - Integer Overflow or Wraparound in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47354 - Use After Free in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-47355 - Out-of-bounds Write in DSP Service

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-6038 - Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Authenticated (Subscriber+) Privilege Escalation

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27039 - Detection of Error Condition Without Action in Computer Vision

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27040 - Improper Input Validation in TZ Firmware

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27041 - Buffer Over-read in Video

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27045 - Buffer Over-read in Video

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27048 - Untrusted Pointer Dereference in Camera

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-27049 - Buffer Over-read in Camera

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-11530 - code-projects Online Complaint Site state.php sql injection

Thu, 09 Oct 2025 04:16:00 GMT

CVE-2025-11529 - ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

Thu, 09 Oct 2025 03:15:00 GMT

CVE-2025-11528 - Tenda AC7 saveAutoQos stack-based overflow

Thu, 09 Oct 2025 03:15:00 GMT

CVE-2025-11526 - Tenda AC7 WifiMacFilterSet stack-based overflow

Thu, 09 Oct 2025 03:15:00 GMT

CVE-2025-11527 - Tenda AC7 fast_setting_pppoe_set stack-based overflow

Thu, 09 Oct 2025 03:15:00 GMT

CVE-2025-10496 - Cookie Notice Consent 1.6.5 - Unauthenticated Stored Cross-Site Scripting

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-10586 - Community Events 1.5.1 - Unauthenticated SQL Injection

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-11166 - WP Go Maps (formerly WP Google Maps) 9.0.46 - Cross-Site Request Forgery to Plugin Settings Update

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-11523 - Tenda AC7 AdvSetLanip command injection

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-11524 - Tenda AC7 SetDDNSCfg stack-based overflow

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-11525 - Tenda AC7 SetUpnpCfg stack-based overflow

Thu, 09 Oct 2025 02:15:00 GMT

CVE-2025-11514 - code-projects Online Complaint Site index.php sql injection

Thu, 09 Oct 2025 01:15:00 GMT

CVE-2025-11515 - code-projects Online Complaint Site register-complaint.php sql injection

Thu, 09 Oct 2025 01:15:00 GMT

CVE-2025-11516 - code-projects Online Complaint Site complaint-details.php sql injection

Thu, 09 Oct 2025 01:15:00 GMT

CVE-2025-11512 - code-projects Voting System voters_add.php cross site scripting

Thu, 09 Oct 2025 00:15:00 GMT

CVE-2025-11513 - code-projects E-Commerce Website supplier_update.php sql injection

Thu, 09 Oct 2025 00:15:00 GMT

CVE-2025-11508 - code-projects Voting System voters_add.php unrestricted upload

Wed, 08 Oct 2025 23:15:00 GMT

CVE-2025-11509 - code-projects E-Commerce Website product_add.php sql injection

Wed, 08 Oct 2025 23:15:00 GMT

CVE-2025-11511 - code-projects E-Commerce Website supplier_add.php sql injection

Wed, 08 Oct 2025 23:15:00 GMT

CVE-2025-61913 - Flowise is vulnerable to arbitrary file read, arbitrary file write

Wed, 08 Oct 2025 23:15:00 GMT

CVE-2017-20201 - CCleaner v5.33.6162 CCleaner Cloud v1.07.3191 Malicious Backdoor Supply Chain Compromise

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2017-20202 - Web Developer for Chrome v0.4.9 Malicious Backdoor Supply Chain Compromise

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2025-11505 - PHPGurukul Beauty Parlour Management System new-appointment.php sql injection

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2025-11506 - PHPGurukul Beauty Parlour Management System search-appointment.php sql injection

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2025-11507 - PHPGurukul Beauty Parlour Management System search-invoices.php sql injection

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2025-11535 - MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories

Wed, 08 Oct 2025 22:15:00 GMT

CVE-2025-11494 - GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds

Wed, 08 Oct 2025 20:15:00 GMT

CVE-2025-11495 - GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow

Wed, 08 Oct 2025 20:15:00 GMT

CVE-2025-11503 - PHPGurukul Beauty Parlour Management System manage-services.php sql injection

Wed, 08 Oct 2025 20:15:00 GMT

CVE-2025-60311 - ProjectWorlds Gym Management System SQL Injection Vulnerability

Wed, 08 Oct 2025 20:15:00 GMT

CVE-2025-11490 - wonderwhy-er DesktopCommanderMCP Absolute Path command-manager.ts extractBaseCommand os command injection

Wed, 08 Oct 2025 19:15:00 GMT

CVE-2025-11491 - wonderwhy-er DesktopCommanderMCP command-manager.ts CommandManager os command injection

Wed, 08 Oct 2025 19:15:00 GMT

CVE-2025-57457 - Curo UC300 OS Command Injection

Wed, 08 Oct 2025 19:15:00 GMT

CVE-2025-61524 - Casdoor Permission Bypass Vulnerability

Wed, 08 Oct 2025 19:15:00 GMT

CVE-2025-42701 - CrowdStrike Falcon Sensor for Windows Race Condition

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-42706 - CrowdStrike Falcon Sensor for Windows Logic Error

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-61788 - Opencast Paella Player 7 vulnerable to Cross-Site-Scripting

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-61906 - Opencast's editor accidentally publishes videos/overwrites publications #1626

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-9868 - Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-11487 - SourceCodester Farm Management System uploadProduct.php sql injection

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-11488 - D-Link DIR-852 HNAP1 command injection

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-11489 - wonderwhy-er DesktopCommanderMCP filesystem.ts isPathAllowed symlink

Wed, 08 Oct 2025 18:15:00 GMT

CVE-2025-11481 - varunsardana004 Blood-Bank-And-Donation-Management-System donate_blood.php sql injection

Wed, 08 Oct 2025 17:15:00 GMT

CVE-2025-11485 - SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

Wed, 08 Oct 2025 17:15:00 GMT

CVE-2025-11486 - SourceCodester Farm Management System buyNow.php sql injection

Wed, 08 Oct 2025 17:15:00 GMT

CVE-2025-53967 - Framelink Figma MCP Server Remote Command Injection

Wed, 08 Oct 2025 17:15:00 GMT

CVE-2025-9970 - Application credential stored in clear text in memory

Wed, 08 Oct 2025 17:15:00 GMT

CVE-2025-5009 - Information Disclosure in Gemini iOS App

Wed, 08 Oct 2025 16:15:00 GMT

CVE-2025-60318 - SourceCodester Pet Grooming Management Software XSS

Wed, 08 Oct 2025 16:15:00 GMT

CVE-2025-36636 - Improper Access Control

Wed, 08 Oct 2025 16:15:00 GMT

CVE-2025-59303 - HAProxy Kubernetes Ingress Controller Config Snippet Token Secret Exposure

Wed, 08 Oct 2025 16:15:00 GMT

CVE-2025-11479 - SourceCodester Wedding Reservation Management System function.php insertReservation sql injection

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-11480 - SourceCodester Simple E-Commerce Bookstore register.php sql injection

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-43724 - Dell PowerScale OneFS Authorization Bypass Through User-Controlled Key

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-43771 - Liferay Portal and DXP XSS Vulnerabilities

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-60313 - Sourcecodester Link Status Checker XSS

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-60834 - Apache Fastjson Deserialization Remote Code Execution Vulnerability in uzy-ssm-mall

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-61672 - Synapse: Invalid device keys degrade federation functionality

Wed, 08 Oct 2025 15:16:00 GMT

CVE-2025-61183 - Vaahcms Cross-Site Scripting Vulnerability

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-60314 - Configuroweb Sistema Web de Inventario Stored Cross-Site Scripting (XSS)

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-60828 - WukongCRM Fastjson Deserialization Vulnerability

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-60830 - Redragon ERP Shiro Deserialization Vulnerability

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-60833 - uzy-ssm-mall XXE Code Execution

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-11476 - SourceCodester Simple E-Commerce Bookstore index.php sql injection

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-11477 - SourceCodester Wedding Reservation Management System global.php sql injection

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-11478 - SourceCodester Farm Management System myCart.php sql injection

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-43829 - Liferay Portal Stored Cross-Site Scripting (XSS) in Diagram Type Products

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-43830 - Liferay Portal Liferay DXP Stored Cross-Site Scripting (XSS)

Wed, 08 Oct 2025 14:15:00 GMT

CVE-2025-60298 - Novel-Plus up to 5.2.4 was discovered to contain a

Wed, 08 Oct 2025 13:15:00 GMT

CVE-2025-60299 - Novel-Plus Stored Cross-Site Scripting (XSS)

Wed, 08 Oct 2025 13:15:00 GMT

CVE-2025-11475 - projectworlds Advanced Library Management System view_member.php sql injection

Wed, 08 Oct 2025 13:15:00 GMT

CVE-2025-43821 - Liferay Portal Liferay DXP XSS

Wed, 08 Oct 2025 13:15:00 GMT

CVE-2025-11474 - SourceCodester Hotel and Lodge Management System edit_booking.php sql injection

Wed, 08 Oct 2025 13:15:00 GMT

Post-quantum cryptography: ANSSI's work

Wed, 08 Oct 2025 12:34:00 GMT

CVE-2025-11473 - SourceCodester Hotel and Lodge Management System edit_curr.php sql injection

Wed, 08 Oct 2025 12:15:00 GMT

CVE-2025-10649 - Welcart e-Commerce 2.11.21 - Authenticated (Author+) SQL Injection via Cookie

Wed, 08 Oct 2025 12:15:00 GMT

CVE-2025-11471 - SourceCodester Hotel and Lodge Management System edit_customer.php sql injection

Wed, 08 Oct 2025 12:15:00 GMT

CVE-2025-11472 - SourceCodester Hotel and Lodge Management System edit_room.php sql injection

Wed, 08 Oct 2025 12:15:00 GMT

CVE-2025-10352 - Missing Authorization vulnerability in Melis Platform

Wed, 08 Oct 2025 11:15:00 GMT

CVE-2025-10353 - Missing Authorization vulnerability in Melis Platform

Wed, 08 Oct 2025 11:15:00 GMT

CVE-2025-10351 - SQL injection vulnerability in Melis Platform

Wed, 08 Oct 2025 11:15:00 GMT

CVE-2025-11469 - SourceCodester Hotel and Lodge Management System save_customer.php sql injection

Wed, 08 Oct 2025 10:15:00 GMT

CVE-2025-11470 - SourceCodester Hotel and Lodge Management System manage_website.php unrestricted upload

Wed, 08 Oct 2025 10:15:00 GMT

CVE-2025-11445 - Kilo Code Prompt ClineProvider.ts ClineProvider injection

Wed, 08 Oct 2025 09:15:00 GMT

CVE-2025-11442 - JhumanJ OpnForm API Endpoint cross-site request forgery

Wed, 08 Oct 2025 08:15:00 GMT

CVE-2025-11443 - JhumanJ OpnForm Forgotten Password email information exposure

Wed, 08 Oct 2025 08:15:00 GMT

CVE-2025-11444 - TOTOLINK N600R HTTP Request cstecgi.cgi setWiFiBasicConfig buffer overflow

Wed, 08 Oct 2025 08:15:00 GMT

CVE-2025-11438 - JhumanJ OpnForm API Endpoint custom-domains authorization

Wed, 08 Oct 2025 07:15:00 GMT

CVE-2025-11439 - JhumanJ OpnForm integrations authorization

Wed, 08 Oct 2025 07:15:00 GMT

CVE-2025-11440 - JhumanJ OpnForm edit access control

Wed, 08 Oct 2025 07:15:00 GMT

CVE-2025-11441 - JhumanJ OpnForm HTTP Header excessive authentication

Wed, 08 Oct 2025 07:15:00 GMT

CVE-2025-48464 - Exposure of Sensitive Information

Wed, 08 Oct 2025 07:15:00 GMT

CVE-2025-10635 - Find Me On 2.0.9.1 - Subscriber+ SQL Injection

Wed, 08 Oct 2025 06:15:00 GMT

CVE-2025-11171 - Chartify – WordPress Chart Plugin 3.5.9 - Missing Authentication for Administrative Function

Wed, 08 Oct 2025 06:15:00 GMT

CVE-2025-11435 - JhumanJ OpnForm submissions cross site scripting

Wed, 08 Oct 2025 06:15:00 GMT

CVE-2025-11436 - JhumanJ OpnForm answer unrestricted upload

Wed, 08 Oct 2025 06:15:00 GMT

CVE-2025-11437 - JhumanJ OpnForm Form Editor forms cross site scripting

Wed, 08 Oct 2025 06:15:00 GMT

CVE-2025-11204 - RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 6.0.6.2 - Authenticated (Administrator+) SQL Injection

Wed, 08 Oct 2025 05:15:00 GMT

CVE-2025-11432 - itsourcecode Leave Management System reset.php sql injection

Wed, 08 Oct 2025 05:15:00 GMT

CVE-2025-11433 - itsourcecode Leave Management System Query Parameter controller.php redirect cross site scripting

Wed, 08 Oct 2025 05:15:00 GMT

CVE-2025-11434 - itsourcecode Student Transcript Processing System login.php sql injection

Wed, 08 Oct 2025 05:15:00 GMT

CVE-2025-10494 - Motors – Car Dealership Classified Listings Plugin 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion

Wed, 08 Oct 2025 04:16:00 GMT

CVE-2025-10587 - Community Events 1.5.1 - Unauthenticated SQL Injection

Wed, 08 Oct 2025 04:16:00 GMT

CVE-2025-11430 - SourceCodester Simple E-Commerce Bookstore cart.php sql injection

Wed, 08 Oct 2025 04:16:00 GMT

CVE-2025-11431 - code-projects Web-Based Inventory and POS System transaction.php sql injection

Wed, 08 Oct 2025 04:16:00 GMT

CVE-2025-11425 - projectworlds Advanced Library Management System edit_admin.php cross site scripting

Wed, 08 Oct 2025 03:15:00 GMT

CVE-2025-11426 - projectworlds Advanced Library Management System edit_book.php unrestricted upload

Wed, 08 Oct 2025 03:15:00 GMT

CVE-2025-61787 - Deno is Vulnerable to Command Injection on Windows During Batch File Execution

Wed, 08 Oct 2025 02:15:00 GMT

CVE-2025-11423 - Tenda CH22 SafeEmailFilter formSafeEmailFilter memory corruption

Wed, 08 Oct 2025 02:15:00 GMT

CVE-2025-11424 - code-projects Web-Based Inventory and POS System login.php sql injection

Wed, 08 Oct 2025 02:15:00 GMT

CVE-2025-11421 - code-projects Voting System candidates_edit.php cross site scripting

Wed, 08 Oct 2025 02:15:00 GMT

CVE-2025-11422 - Campcodes Advanced Online Voting Management System login.php sql injection

Wed, 08 Oct 2025 02:15:00 GMT

CVE-2025-11418 - Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow

Wed, 08 Oct 2025 01:15:00 GMT

CVE-2025-11420 - code-projects E-Commerce Website edit_order_details.php sql injection

Wed, 08 Oct 2025 01:15:00 GMT

CVE-2025-48981 - CGM MEDICO DNET Encryption Optional Vulnerability

Wed, 08 Oct 2025 01:15:00 GMT

CVE-2025-61785 - Deno's --deny-write check does not prevent permission bypass

Wed, 08 Oct 2025 01:15:00 GMT

CVE-2025-61786 - Deno's --deny-read check does not prevent permission bypass

Wed, 08 Oct 2025 01:15:00 GMT

CVE-2025-61998 - OPEXUS FOIAXpress stored XSS via Hyperlink Manager

Wed, 08 Oct 2025 00:15:00 GMT

CVE-2025-61999 - OPEXUS FOIAXpress stored XSS via logo image

Wed, 08 Oct 2025 00:15:00 GMT

CVE-2025-11417 - Campcodes Advanced Online Voting Management System voters_add.php unrestricted upload

Wed, 08 Oct 2025 00:15:00 GMT

CVE-2025-61996 - OPEXUS FOIAXpress stored XSS via annual report template

Wed, 08 Oct 2025 00:15:00 GMT

CVE-2025-61997 - OPEXUS FOIAXpress stored XSS via banner image

Wed, 08 Oct 2025 00:15:00 GMT

CVE-2025-11415 - PHPGurukul Beauty Parlour Management System customer-list.php sql injection

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-11416 - PHPGurukul Beauty Parlour Management System invoices.php sql injection

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-43822 - Multiple stored cross-site scripting (XSS) vulnera

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-6046 - CVE-2019-25033: Apache Struts Unauthenticated Remote Code Execution Vulnerability

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-11414 - GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-10904 - Apache Struts Remote Code Execution Vulnerability

Tue, 07 Oct 2025 23:15:00 GMT

CVE-2025-11410 - Campcodes Advanced Online Voting Management System voters_add.php sql injection

Tue, 07 Oct 2025 22:15:00 GMT

CVE-2025-11412 - GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds

Tue, 07 Oct 2025 22:15:00 GMT

CVE-2025-11413 - GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds

Tue, 07 Oct 2025 22:15:00 GMT

CVE-2025-43823 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

Tue, 07 Oct 2025 22:15:00 GMT

CVE-2025-62186 - Anki URL Scheme Execution Vulnerability

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-62187 - Anki Arbitrary File Write Vulnerability

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-11408 - D-Link DI-7001 MINI dbsrv.asp buffer overflow

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-11409 - Campcodes Advanced Online Voting Management System index.php sql injection

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-34252 - NetSarang v5.0 Malicious Backdoor Supply Chain Compromise

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-62185 - Ankitects Anki Arbitrary File Execution via YouTube Downloader

Tue, 07 Oct 2025 21:15:00 GMT

CVE-2025-44823 - Nagios Log Server API Key Disclosure

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-44824 - Nagios Log Server Elasticsearch Unauthenticated Service Stop

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-61910 - NASA ION-DTN BPv7 4.1.3s Uncontrolled Memory Allocation that leads to Denial-of-Service

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-6242 - Vllm: server side request forgery (ssrf) in mediaconnector

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-11406 - kaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosure

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-11407 - D-Link DI-7001 MINI upgrade_filter.asp os command injection

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-11462 - Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-36565 - Dell PowerProtect Data Domain DD OS Command Injection Vulnerability

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-36566 - Dell PowerProtect Data Domain OS Command Injection Vulnerability

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-36567 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-36569 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-43727 - "Dell PowerProtect Data Domain DD OS Authentication Algorithm Implementation Vulnerability"

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-43910 - Dell PowerProtect Data Domain Stack-based Buffer Overflow Vulnerability

Tue, 07 Oct 2025 20:15:00 GMT

CVE-2025-61776 - Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-61784 - LLaMA Factory's Chat API has Critical SSRF and LFI Vulnerabilities

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-45375 - Dell PowerProtect Data Domain with Data Domain Ope

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-61670 - Wasmtime has memory leak in C API with `externref` and `anyref` types

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43891 - Dell PowerProtect Data Domain Broken Authentication Cryptography Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43905 - Dell PowerProtect Data Domain DD OS Command Injection Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43907 - Dell PowerProtect Data Domain Path Traversal Information Exposure

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43908 - Dell PowerProtect Data Domain OS Command Injection Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43909 - Dell PowerProtect Data Domain DD OS Cryptographic Algorithm Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43912 - "Dell PowerProtect Data Domain DD OS Heap Buffer Overflow"

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43913 - Dell PowerProtect Data Domain DDOS Broken Cryptography Phishing Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43934 - Dell PowerProtect Data Domain DD OS Path Traversal Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-3448 - Reflected cross-site scripting vulnerabilities exist in System Diagnostics Manager

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-3449 - Weak Session Token used in Automation Runtime SDM

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43889 - Dell PowerProtect Data Domain DD OS Path Traversal Vulnerability

Tue, 07 Oct 2025 19:15:00 GMT

CVE-2025-43914 - Dell PowerProtect Data Domain BoostFS for Linux Unauthorized Access Vulnerability

Tue, 07 Oct 2025 18:16:00 GMT

CVE-2025-8291 - ZIP64 End of Central Directory (EOCD) Locator record offset not checked

Tue, 07 Oct 2025 18:16:00 GMT

CVE-2025-11402 - SourceCodester Hotel and Lodge Management System del_curr.php sql injection

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-11403 - SourceCodester Hotel and Lodge Management System del_booking.php sql injection

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-1826 - IBM Jazz Foundation cross-site scripting

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-36156 - IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-3450 - DoS Vulnerability in System Diagnostics Manager

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-43890 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-43906 - Dell PowerProtect Data Domain DD OS OS Command Injection

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-43911 - "Dell PowerProtect Data Domain DD OS OS Command Injection"

Tue, 07 Oct 2025 18:15:00 GMT

CVE-2025-11401 - SourceCodester Hotel and Lodge Management System save_curr.php sql injection

Tue, 07 Oct 2025 17:15:00 GMT

CVE-2025-52021 - PuneethReddyHC Online Shopping System SQL Injection

Tue, 07 Oct 2025 17:15:00 GMT

CVE-2025-56243 - PuneethReddyHC Event Management System XSS

Tue, 07 Oct 2025 17:15:00 GMT

CVE-2023-53683 - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53684 - xfrm: Zero padding when dumping algos and encap

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53685 - tun: Fix memory leak for detached NAPI queue.

sk.sk_write_queue after the queue is detached. We should prevent it by checking tfile->detached before queuing skb.

Note this must be done under tfile->sk.sk_write_queue.lock because write() and ioctl(IFF_DETACH_QUEUE) can run concurrently. Otherwise, there would be a small race window:

  write()                             ioctl(IFF_DETACH_QUEUE)
  `- tun_get_user                     `- __tun_detach
     |- if (tfile->detached)             |- tun_disable_queue
     |  `-> false                        |  `- tfile->detached = tun
     |                                   `- tun_queue_purge
     |- spin_lock_bh(&queue->lock)
     `- __skb_queue_tail(queue, skb)

Another solution is to call tun_queue_purge() when closing and reattaching the detached queue, but it could paper over other problems. Also, we do the same kind of test for IFF_NAPI_FRAGS.

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53686 - net/handshake: fix null-ptr-deref in handshake_nl_done_doit()

sk can return garbage. This also reverts 7afc6d0a107f ("net/handshake: Fix uninitialized local variable")

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53687 - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2025-11399 - SourceCodester Hotel and Lodge Management System save_room.php sql injection

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2025-11400 - SourceCodester Hotel and Lodge Management System del_room.php sql injection

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2025-60312 - Sourcecodester Markdown to HTML Converter XSS

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53674 - clk: Fix memory leak in devm_clk_notifier_register()

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53676 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53677 - drm/i915: Fix memory leaks in i915 selftests

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53678 - drm/i915: Fix system suspend without fbdev being initialized

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53679 - wifi: mt7601u: fix an integer underflow

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53680 - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

OPDESC() simply indexes into nfsd4_ops[] by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds opnum value. nfsd4_decode_compound() is not so careful, and can invoke OPDESC() with opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end of nfsd4_ops[].

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53681 - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent

bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc.

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53682 - hwmon: (xgene) Fix ioremap and memremap leak

pcc_comm_addr' from ioremap() not released on line: 757. This is because in drivers/hwmon/xgene-hwmon.c:701 xgene_hwmon_probe(), ioremap and memremap are not released, which may cause a leak. To fix this, ioremap and memremap are modified to devm_ioremap and devm_memremap. [groeck: Fixed formatting and subject]

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53666 - ASoC: codecs: wcd938x: fix missing mbhc init error handling

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53667 - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe

overrun' (see rb_remove_pages()), which causes a wrong 'overrun' count and eventually causes the deadloop issue. To fix it, we need to clear every page in rb_reset_cpu().

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53669 - tcp: fix skb_copy_ubufs() vs BIG TCP

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53670 - nvme-core: fix dev_pm_qos memleak

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53671 - srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53672 - btrfs: output extra debug info if we failed to find an inline backref

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53673 - Bluetooth: hci_event: call disconnect callback before deleting conn

Severity: 0.0 | NA

Tue, 07 Oct 2025 16:15:00 GMT

CVE-2023-53664 - OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate()

Tue, 07 Oct 2025 15:21:00 GMT

CVE-2023-53665 - md: don't dereference mddev after export_rdev()

kobject is referenced by rdev->kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be used anymore after export_rdev().

This problem can be triggered by the following test for mdadm at a very low rate:

New file: mdadm/tests/23rdev-lifetime

    devname=${dev0##*/}
    devt=`cat /sys/block/$devname/dev`
    pid=""
    runtime=2

    clean_up_test() {
        kill -9 $pid
        echo clear > /sys/block/md0/md/array_state
    }

    trap 'clean_up_test' EXIT

    add_by_sysfs() {
        while true; do
            echo $devt > /sys/block/md0/md/new_dev
        done
    }

    remove_by_sysfs(){
        while true; do
            echo remove > /sys/block/md0/md/dev-${devname}/state
        done
    }

    echo md0 > /sys/module/md_mod/parameters/new_array || die "create md0 failed"

    add_by_sysfs &
    pid="$pid $!"

    remove_by_sysfs &
    pid="$pid $!"

    sleep $runtime
    exit 0

Test cmd:

    ./test --save-logs --logdir=/tmp/ --keep-going --dev=loop --tests=23rdev-lifetime

Test result:

    general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bcb: 0000 [#4] PREEMPT SMP
    CPU: 0 PID: 1292 Comm: test Tainted: G D W 6.5.0-rc2-00121-g01e55c376936 #562
    RIP: 0010:md_wakeup_thread+0x9e/0x320 [md_mod]
    Call Trace:
     mddev_unlock+0x1b6/0x310 [md_mod]
     rdev_attr_store+0xec/0x190 [md_mod]
     sysfs_kf_write+0x52/0x70
     kernfs_fop_write_iter+0x19a/0x2a0
     vfs_write+0x3b5/0x770
     ksys_write+0x74/0x150
     __x64_sys_write+0x22/0x30
     do_syscall_64+0x40/0x90
     entry_SYSCALL_64_after_hwframe+0x63/0xcd

Fix this problem by not dereferencing mddev after export_rdev().

Severity: 0.0 | NA

Tue, 07 Oct 2025 15:21:00 GMT

CVE-2021-22291 - EIBPORT Reflected XSS

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-11397 - SourceCodester Hotel and Lodge Management System login.php sql injection

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-25009 - Kibana Cross-Site Scripting (XSS)

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-37728 - Kibana Insufficiently Protected Credentials in the CrowdStrike Connector

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-48826 - Planet WGR-500 Format String Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-50505 - Clash Verge Rev Privilege Escalation Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-53476 - OpenPLC ModbusTCP Server Denial of Service

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54399 - Planet WGR-500 HTTP PingCmd Stack-Based Buffer Overflow

&1 > %s &"` string.

Severity: 8.8 | HIGH

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54400 - Planet WGR-500 HTTP PingCmd Stack-Based Buffer Overflow Vulnerability

&1 > %s &"` string.

Severity: 8.8 | HIGH

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54401 - Planet WGR-500 HTTP FormPingCmd Stack Buffer Overflow

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54402 - Multiple stack-based buffer overflow vulnerabiliti

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54403 - Planet WGR-500 Swctrl OS Command Injection Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54404 - Planet WGR-500 OS Command Injection Vulnerability in swctrl

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54405 - Planet WGR-500 HTTP PingCmd Command Injection Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-54406 - Planet WGR-500 OS Command Injection Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-57564 - CubeAPM Unauthenticated Log Injection Vulnerability

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-59425 - vLLM vulnerable to timing attack at bearer auth

Tue, 07 Oct 2025 14:15:00 GMT

CVE-2025-3719 - Incorrect authorization for CLI in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40649 - Multiple vulnerabilities in BBMRI-ERIC's Negotiator

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40676 - Multiple vulnerabilities in BBMRI-ERIC's Negotiator

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40885 - Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40886 - Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40887 - Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40888 - Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-40889 - Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-11396 - code-projects Simple Food Ordering System product.php sql injection

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-3718 - Client-side path traversal in Guardian/CMC before 25.2.0

Tue, 07 Oct 2025 13:15:00 GMT

CVE-2025-0603 - SQLi in Callvision Healthcare's Callvision Emergency Code

Tue, 07 Oct 2025 12:15:00 GMT

CVE-2025-11389 - Tenda AC15 saveAutoQos stack-based overflow

Tue, 07 Oct 2025 12:15:00 GMT

CVE-2025-11390 - PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site scripting

Tue, 07 Oct 2025 12:15:00 GMT

CVE-2025-11387 - Tenda AC15 fast_setting_pppoe_set stack-based overflow

Tue, 07 Oct 2025 11:16:00 GMT

CVE-2025-11388 - Tenda AC15 setNotUpgrade stack-based overflow

Tue, 07 Oct 2025 11:16:00 GMT

CVE-2025-11385 - Tenda AC20 fast_setting_wifi_set sscanf buffer overflow

Tue, 07 Oct 2025 10:15:00 GMT

CVE-2025-11386 - Tenda AC15 POST Parameter SetDDNSCfg stack-based overflow

Tue, 07 Oct 2025 10:15:00 GMT

CVE-2025-10645 - WP Reset 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log

Tue, 07 Oct 2025 09:15:00 GMT

CVE-2025-11359 - code-projects Simple Banking System transfermoney.php sql injection

Tue, 07 Oct 2025 09:15:00 GMT

CVE-2025-11360 - jakowenko double-take API app.js app.use cross site scripting

Tue, 07 Oct 2025 09:15:00 GMT

CVE-2025-11358 - code-projects Simple Banking System removeuser.php sql injection

Tue, 07 Oct 2025 08:15:00 GMT

CVE-2025-7400 - Featured Image from URL (FIFU) 5.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Featured Image Custom Fields

Tue, 07 Oct 2025 08:15:00 GMT

CVE-2025-11357 - code-projects Simple Banking System createuser.php sql injection

Tue, 07 Oct 2025 08:15:00 GMT

CVE-2025-11355 - UTT 1250GW aspChangeChannel strcpy buffer overflow

Tue, 07 Oct 2025 07:15:00 GMT

CVE-2025-11356 - Tenda AC23 SetStaticRouteCfg sscanf buffer overflow

Tue, 07 Oct 2025 07:15:00 GMT

CVE-2025-10162 - OrderConvo 14 - Unauthenticated Arbitrary File Read

Tue, 07 Oct 2025 06:15:00 GMT

CVE-2025-11353 - code-projects Online Hotel Reservation System addgalleryexec.php unrestricted upload

Tue, 07 Oct 2025 06:15:00 GMT

CVE-2025-11354 - code-projects Online Hotel Reservation System addslideexec.php unrestricted upload

Tue, 07 Oct 2025 06:15:00 GMT

CVE-2025-11351 - code-projects Online Hotel Reservation System editpicexec.php unrestricted upload

Tue, 07 Oct 2025 05:15:00 GMT

CVE-2025-11352 - code-projects Online Hotel Reservation System addexec.php unrestricted upload

Tue, 07 Oct 2025 05:15:00 GMT

CVE-2025-11362 - "Pdfmake Resource Allocation Vulnerability"

Tue, 07 Oct 2025 05:15:00 GMT

CVE-2025-11349 - Campcodes Online Apartment Visitor Management System search-visitor.php sql injection

Tue, 07 Oct 2025 04:16:00 GMT

CVE-2025-11350 - Campcodes Online Apartment Visitor Management System bwdates-reports-details.php sql injection

Tue, 07 Oct 2025 04:16:00 GMT

CVE-2025-11347 - code-projects Student Crud Operation Add Student Page/Edit Student add.php move_uploaded_file unrestricted upload

Tue, 07 Oct 2025 03:15:00 GMT

CVE-2025-11348 - Campcodes Online Apartment Visitor Management System index.php sql injection

Tue, 07 Oct 2025 03:15:00 GMT

CVE-2025-34251 - Tesla Telematics Control Unit (TCU) v2025.14 Authentication Bypass

Tue, 07 Oct 2025 00:15:00 GMT

CVE-2025-61774 - PyVista has Dependency Confusion Vulnerability in that leads to RCE

Mon, 06 Oct 2025 23:15:00 GMT

Cyber maturity of very small, small and medium-sized businesses: still a milestone to reach

Mon, 06 Oct 2025 22:45:00 GMT

CVE-2025-43824 - Liferay Portal Cross-Site Scripting (XSS) and File Extension Manipulation

Mon, 06 Oct 2025 22:15:00 GMT

CVE-2025-61768 - Kuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG Upload

Mon, 06 Oct 2025 22:15:00 GMT

CVE-2025-59452 - YoSmart YoLink MD5 Hash Predictability

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-59451 - YoSmart YoLink Session Token Lifetime Vulnerability

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-59447 - YoSmart YoLink Smart Hub UART Debug Interface Information Disclosure

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-59448 - YoSmart YoLink Unencrypted MQTT Communication Vulnerability

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-59449 - YoLink MQTT Broker Authorization Bypass

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-59450 - YoSmart YoLink Smart Hub Unencrypted Credentials Disclosure

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-11346 - ILIAS Base64 Decoding unserialize deserialization

Mon, 06 Oct 2025 20:15:00 GMT

CVE-2025-61984 - OpenSSH SSH Command Injection

Mon, 06 Oct 2025 19:15:00 GMT

CVE-2025-61985 - OpenSSH SSH URI Injection Vulnerability

Mon, 06 Oct 2025 19:15:00 GMT

Data leak at France Travail

Mon Oct 06 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Discord

Sat Oct 04 2025 02:00:00 GMT+0200 (Central European Summer Time)

The "SecNumacadémie" MOOC is being updated

Thu, 02 Oct 2025 07:42:00 GMT

Newsletters

Wed, 01 Oct 2025 15:21:00 GMT

Éducation nationale survey on cyber knowledge among pupils from CM1 to 6e*

Mon, 29 Sep 2025 11:06:00 GMT

Data leak at La Nef

Thu Sep 25 2025 02:00:00 GMT+0200 (Central European Summer Time)

Cybermalveillance.gouv.fr unveils a booklet for children aged 9–12: "Le numérique, pas de panique !"

Wed, 24 Sep 2025 09:41:00 GMT

Data leak at Inovie Labosud

Tue Sep 23 2025 02:00:00 GMT+0200 (Central European Summer Time)

REMPAR25: a cyber crisis exercise on an unprecedented scale

Mon, 22 Sep 2025 11:47:00 GMT

Data leak at Digital Charging Solutions

Sat Sep 20 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Fédération Française de Tennis de Table

Fri Sep 19 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Clarins

Thu Sep 18 2025 02:00:00 GMT+0200 (Central European Summer Time)

Cybermois 2025

Wed, 10 Sep 2025 22:12:00 GMT

Take part in the Cybermois treasure hunt, with many prizes to be won

Wed, 10 Sep 2025 21:45:00 GMT

Launch of Cybermois 2025: heading for the regions with the CyberTour de France

Wed, 10 Sep 2025 21:41:00 GMT

Cybermois 2025: the French facing cyber threats, 2nd IPSOS barometer for Cybermalveillance.gouv.fr

Wed, 10 Sep 2025 21:40:00 GMT

Data leak at Plex

Tue Sep 09 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Eklo

Wed Sep 03 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2024-12972 - Akinsoft OctoCloud - Cross-Site Scripting (XSS)

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2024-12973 - Akinsoft OctoCloud Origin Validation Error HTTP Response Splitting

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2024-52284 - Helm Unauthorized Data Disclosure Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2024-58259 - Rancher Manager Denial of Service (DoS) via Excessive Payload Attack

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-0640 - Akinsoft OctoCloud Authorization Bypass Resource Leak

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-2414 - Akinsoft OctoCloud Authentication Bypass

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-46810 - Traefik2 openSUSE Tumbleweed Symlink Following Root Escalation

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52543 - D-Link E3 Site Supervisor Control Password Hashing Weakness

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52544 - E3 Site Supervisor File System Access Vulnerability (File Upload)

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52545 - E3 Site Supervisor Authentication Information Disclosure

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52546 - E3 Site Supervisor Stored XSS Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52547 - E3 Site Supervisor Control MGW Denial of Service

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52548 - E3 Site Supervisor Unauthenticated Remote Command Execution

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52549 - E3 Site Supervisor Root Password Generation Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52550 - E3 Site Supervisor Firmware Upgrade Package Spoofing Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-52551 - E2 Facility Management Systems Unauthenticated File Operations Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-56254 - PHPGurukul Employee Leave Management System IDOR

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-57140 - "rsbi-pom SQL Injection Vulnerability"

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-5662 - H2O-3 MySQL JDBC Driver RCE Deserialization Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-6519 - E3 Site Supervisor Default Admin Account Predictable Password Vulnerability

Tue, 02 Sep 2025 12:15:00 GMT

CVE-2025-41030 - T-INNOVA Deporsite Unauthenticated Information Disclosure

Tue, 02 Sep 2025 09:15:00 GMT

CVE-2025-41031 - T-INNOVA Deporsite Unauthenticated Profile Picture Upload Vulnerability

Tue, 02 Sep 2025 09:15:00 GMT

CVE-2025-9573 - "TYPO3 ns_backup Command Injection Vulnerability"

Tue, 02 Sep 2025 09:15:00 GMT

CVE-2025-41690 - Cisco Bluetooth Event Log Password Disclosure Vulnerability

Tue, 02 Sep 2025 08:15:00 GMT

CVE-2025-44017 - Gunosy JWT Token Exposure Vulnerability

Tue, 02 Sep 2025 08:15:00 GMT

CVE-2025-9813 - Tenda CH22 Buffer Overflow Vulnerability

Tue, 02 Sep 2025 05:15:00 GMT

CVE-2025-9814 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

Tue, 02 Sep 2025 05:15:00 GMT

CVE-2025-9815 - Apple NSXPCListener Unauthenticated Local Privilege Escalation

Tue, 02 Sep 2025 05:15:00 GMT

CVE-2025-58414 - Apache HTTP Server Cross-Site Request Forgery

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58415 - Apache Web Server Information Disclosure

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58416 - Apache HTTP Server Unvalidated User Input

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58417 - Apache HTTP Server Authentication Bypass

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58418 - WhatsApp Audio Format Vulnerability

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58419 - Cisco WebEx Meeting Center Cross-Site Request Forgery

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58420 - Apache HTTP Server Directory Traversal Vulnerability

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-58421 - Apache HTTP Server Authentication Bypass

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-8662 - OpenAM Consortium Edition SAML IdP Request Tampering Vulnerability

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-9811 - Campcodes Farm Management System SQL Injection Vulnerability

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-9812 - Tenda CH22 Remote Buffer Overflow Vulnerability

Tue, 02 Sep 2025 03:15:00 GMT

CVE-2025-57808 - ESPHome Web Server Authentication Bypass Vulnerability

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-58161 - MobSF Directory Traversal Vulnerability

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-58162 - MobSF File Write Arbitrary Directory Local File Inclusion

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-58178 - SonarQube Server and Cloud Command Injection Vulnerability

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-9805 - SimStudioAI Server-Side Request Forgery Vulnerability

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-9806 - Tenda Administrative Interface Local Hard-Coded Credential Injection Vulnerability

Tue, 02 Sep 2025 01:15:00 GMT

CVE-2025-9802 - RemoteClinic SQL Injection Vulnerability

Tue, 02 Sep 2025 00:15:00 GMT

CVE-2025-9800 - SimStudioAI HTML File Parser Unrestricted File Upload Vulnerability

Mon, 01 Sep 2025 23:15:00 GMT

CVE-2025-9801 - SimStudioAI Path Traversal Remote Vulnerability

Mon, 01 Sep 2025 23:15:00 GMT

CVE-2025-9797 - ExpressCart Remote Code Injection Vulnerability

Mon, 01 Sep 2025 22:15:00 GMT

CVE-2025-9799 - Langfuse SSRF Vulnerability

Mon, 01 Sep 2025 22:15:00 GMT

CVE-2024-28988 - SolarWinds Web Help Desk Java Deserialization Remote Code Execution

Mon, 01 Sep 2025 22:15:00 GMT

CVE-2025-9796 - JeeSite Thinkgem Cross-Site Scripting Vulnerability

Mon, 01 Sep 2025 22:15:00 GMT

CVE-2025-9795 - xujeff tianti Unrestricted File Upload Vulnerability

Mon, 01 Sep 2025 21:15:00 GMT

CVE-2025-9794 - Campcodes Computer Sales and Inventory System SQL Injection Vulnerability

Mon, 01 Sep 2025 21:15:00 GMT

CVE-2025-9792 - iSourcecode Apartment Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 20:15:00 GMT

CVE-2025-9793 - Apachebi's Apartment Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 20:15:00 GMT

CVE-2025-9790 - SourceCodester Hotel Reservation System SQL Injection Vulnerability

Mon, 01 Sep 2025 19:15:00 GMT

CVE-2025-9791 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

Mon, 01 Sep 2025 19:15:00 GMT

CVE-2025-9809 - Libretro Common CDFS Out-of-Bounds Write Vulnerability

Mon, 01 Sep 2025 19:15:00 GMT

CVE-2025-9810 - OpenBSD Linonoise TOCTOU File Overwrite Vulnerability

Mon, 01 Sep 2025 19:15:00 GMT

CVE-2025-3586 - Liferay Portal Object Action Groovy Scripting Remote Code Execution

Mon, 01 Sep 2025 18:15:00 GMT

CVE-2025-9788 - SourceCodester/Campcodes School Log Management System SQL Injection

Mon, 01 Sep 2025 18:15:00 GMT

CVE-2025-9789 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

Mon, 01 Sep 2025 18:15:00 GMT

CVE-2025-9375 - Apache xmltodict XML Injection Vulnerability

Mon, 01 Sep 2025 17:15:00 GMT

CVE-2025-55007 - Knowage Server-Side Request Forgery Vulnerability

Mon, 01 Sep 2025 16:15:00 GMT

CVE-2025-57799 - StreamVault Command Injection Vulnerability

Mon, 01 Sep 2025 16:15:00 GMT

CVE-2025-9786 - Campcodes Online Learning Management System SQL Injection

Mon, 01 Sep 2025 16:15:00 GMT

CVE-2025-33099 - IBM Concert Software SSL/TLS Certificate Validation Vulnerability

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-33102 - IBM Concert Software Weak Cryptography Vulnerability

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-9783 - TOTOLINK A702R Buffer Overflow Vulnerability

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-33084 - IBM Concert Software Information Disclosure

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-0656 - IBM Concert Software Cross-Site Scripting Vulnerability

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-33082 - IBM Concert Software Cross-Site Scripting Vulnerability

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-33083 - IBM Concert Software Cross-Site Scripting (XSS)

Mon, 01 Sep 2025 15:15:00 GMT

CVE-2025-9781 - TOTOLINK A702R Buffer Overflow in FormFilter Function

Mon, 01 Sep 2025 14:15:00 GMT

CVE-2025-9782 - TOTOLINK A702R Buffer Overflow Vulnerability

Mon, 01 Sep 2025 14:15:00 GMT

CVE-2025-9780 - TOTOLINK A702R Buffer Overflow Vulnerability

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2024-12925 - Akınsoft QR Menü Certificate Validation HTTP Response Splitting

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2025-0610 - Akınsoft QR Menü CSRF

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2025-2412 - Akinsoft QR Menu Authentication Bypass

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2025-9779 - TOTOLINK A702R Remote Buffer Overflow Vulnerability

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2024-12914 - Akınsoft QR Menü Cross-Site Scripting (XSS)

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2024-12924 - Akınsoft QR Menü Open Redirect Vulnerability

Mon, 01 Sep 2025 13:15:00 GMT

CVE-2025-36133 - IBM App Connect Enterprise Certified Container Log Information Disclosure Vulnerability

Mon, 01 Sep 2025 12:15:00 GMT

CVE-2025-9778 - Tenda W12 Hard-Coded Credentials Vulnerability

Mon, 01 Sep 2025 12:15:00 GMT

CVE-2025-9774 - RemoteClinic Information Disclosure Vulnerability

Mon, 01 Sep 2025 11:15:00 GMT

CVE-2025-9775 - RemoteClinic Arbitrary File Upload Vulnerability

Mon, 01 Sep 2025 11:15:00 GMT

CVE-2025-9773 - RemoteClinic Cross Site Scripting (XSS)

Mon, 01 Sep 2025 10:15:00 GMT

CVE-2025-9772 - RemoteClinic Unrestricted File Upload Vulnerability

Mon, 01 Sep 2025 10:15:00 GMT

CVE-2025-9770 - Campcodes Hospital Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 09:15:00 GMT

CVE-2025-9771 - SourceCodester Eye Clinic Management System SQL Injection

Mon, 01 Sep 2025 09:15:00 GMT

CVE-2025-9769 - D-Link DI-7400G+ Command Injection Vulnerability

poc.txt` results in command injection. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited. Severity: 4.3 | MEDIUM

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38691 - Cisco BootROM Certificate Type 0 Privilege Escalation Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38692 - Cisco BootROM RSA Key Validation Buffer Overflow

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38693 - Apache FDL1 Buffer Overflow Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38694 - Cisco BootRom Bootloader Unchecked Write Address Privilege Escalation Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38695 - Citrix BootRom Command Index Overflow Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2022-38696 - Microsoft BootRom Buffer Overflow Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2025-58318 - Delta Electronics DIAView Authentication Bypass

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2025-9768 - iSourcecode Sports Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 08:15:00 GMT

CVE-2025-9767 - iSourcecode Sports Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 07:15:00 GMT

CVE-2025-9766 - iSourcecode Sports Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 07:15:00 GMT

CVE-2025-20707 - Geniezone Use After Free Memory Corruption Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-20708 - Qualcomm Modem Out-of-Bounds Write Privilege Escalation Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-54857 - SkyBridge BASIC OS Command Injection Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-6507 - H2Oai H2o-3 Untrusted Data Deserialization Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-9764 - iSourcecode Sports Management System SQL Injection

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-9765 - iSourcecode Sports Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-20703 - Huawei Modem Out-of-Bounds Read Remote Denial of Service Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-20704 - ZTE Modem Out-of-Bounds Write Privilege Escalation Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-20705 - Citrix Hypervisor Memory Corruption (Use After Free)

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-20706 - mbrain Use After Free Memory Corruption Vulnerability

Mon, 01 Sep 2025 06:15:00 GMT

CVE-2025-9760 - Portabilis i-Educar Remote Authorization Bypass Vulnerability

Mon, 01 Sep 2025 05:15:00 GMT

CVE-2025-9761 - Campcodes Online Feeds Product Inventory System SQL Injection Vulnerability

Mon, 01 Sep 2025 05:15:00 GMT

CVE-2025-9763 - Campcodes Online Learning Management System SQL Injection

Mon, 01 Sep 2025 05:15:00 GMT

CVE-2025-9759 - Campcodes/SourceCodester Courier Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 04:15:00 GMT

CVE-2025-7405 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module Missing Authentication for Critical Function

Mon, 01 Sep 2025 04:15:00 GMT

CVE-2025-7731 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module Unauthenticated Cleartext Credential Exposure

Mon, 01 Sep 2025 04:15:00 GMT

CVE-2025-9570 - Sunnet eHRD CTMS Arbitrary File Reading Vulnerability

Mon, 01 Sep 2025 04:15:00 GMT

CVE-2025-9758 - Deepakmisal24 Chemical Inventory Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 04:15:00 GMT

CVE-2025-9567 - Sunnet eHRD Reflected Cross-site Scripting

Mon, 01 Sep 2025 03:15:00 GMT

CVE-2025-9568 - Sunnet eHRD Reflected Cross-site Scripting Vulnerability

Mon, 01 Sep 2025 03:15:00 GMT

CVE-2025-9569 - Sunnet eHRD Reflected Cross-site Scripting Vulnerability

Mon, 01 Sep 2025 03:15:00 GMT

CVE-2025-9757 - Campcodes/SourceCodester Courier Management System SQL Injection

Mon, 01 Sep 2025 03:15:00 GMT

CVE-2025-9754 - Campcodes Online Hospital Management System Cross-Site Scripting (XSS)

Mon, 01 Sep 2025 02:15:00 GMT

CVE-2025-9755 - Khanakag-17 Library Management System Cross-Site Scripting Vulnerability

Mon, 01 Sep 2025 02:15:00 GMT

CVE-2025-9756 - PHPGurukul User Management System SQL Injection Vulnerability

Mon, 01 Sep 2025 02:15:00 GMT

CVE-2025-9752 - D-Link DIR-852 SOAP Service OS Command Injection Vulnerability

Mon, 01 Sep 2025 01:15:00 GMT

CVE-2025-9753 - Campcodes Online Hospital Management System Cross Site Scripting (XSS)

Mon, 01 Sep 2025 01:15:00 GMT

CVE-2025-9751 - Campcodes Online Learning Management System SQL Injection

Mon, 01 Sep 2025 00:15:00 GMT

CVE-2025-9749 - HKritesh009 Grocery List Management Web App SQL Injection Vulnerability

Sun, 31 Aug 2025 23:15:00 GMT

CVE-2025-9750 - Campcodes Online Learning Management System SQL Injection Vulnerability

Sun, 31 Aug 2025 23:15:00 GMT

CVE-2025-9747 - Koillection CSRF Protection Bypass

Sun, 31 Aug 2025 22:15:00 GMT

CVE-2025-9748 - Tenda CH22 Remote Stack-Based Buffer Overflow Vulnerability

Sun, 31 Aug 2025 22:15:00 GMT

CVE-2025-9745 - D-Link jhttpd OS Command Injection Vulnerability

Sun, 31 Aug 2025 21:15:00 GMT

CVE-2025-9746 - Campcodes Hospital Management System Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 21:15:00 GMT

CVE-2025-9744 - Campcodes Online Loan Management System SQL Injection

Sun, 31 Aug 2025 20:15:00 GMT

CVE-2025-9743 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

Sun, 31 Aug 2025 20:15:00 GMT

CVE-2025-9741 - Code-projects Human Resource Integrated System SQL Injection

Sun, 31 Aug 2025 19:15:00 GMT

CVE-2025-9742 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

Sun, 31 Aug 2025 19:15:00 GMT

CVE-2025-9739 - Campcodes Online Water Billing System SQL Injection

Sun, 31 Aug 2025 18:15:00 GMT

CVE-2025-9740 - Human Resource Integrated System SQL Injection

Sun, 31 Aug 2025 18:15:00 GMT

CVE-2025-9737 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 17:15:00 GMT

CVE-2025-9738 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 17:15:00 GMT

CVE-2025-9735 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 16:15:00 GMT

CVE-2025-9736 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 16:15:00 GMT

CVE-2025-9733 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

Sun, 31 Aug 2025 15:15:00 GMT

CVE-2025-9734 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 15:15:00 GMT

CVE-2025-9732 - DCMTK dcm2img DIYBRPXT Memory Corruption Vulnerability

Sun, 31 Aug 2025 14:15:00 GMT

CVE-2025-9731 - Tenda AC9 Hard-Coded Credentials Vulnerability

Sun, 31 Aug 2025 14:15:00 GMT

CVE-2025-9729 - PHPGurukul Online Course Registration SQL Injection Vulnerability

Sun, 31 Aug 2025 13:15:00 GMT

CVE-2025-9730 - iSourcecode Apartment Management System SQL Injection

Sun, 31 Aug 2025 13:15:00 GMT

CVE-2025-9727 - D-Link DIR-816L SoapCGI OS Command Injection Vulnerability

Sun, 31 Aug 2025 12:15:00 GMT

CVE-2025-9728 - Givanz Vvveb Cross Site Scripting Vulnerability

Sun, 31 Aug 2025 12:15:00 GMT

CVE-2025-9726 - Campcodes Farm Management System SQL Injection Vulnerability

Sun, 31 Aug 2025 11:15:00 GMT

CVE-2025-9724 - Portabilis i-Educar Cross-Site Scripting (XSS) Vulnerability

Sun, 31 Aug 2025 10:15:00 GMT

CVE-2025-9725 - Cudy LT500E Default Password Hard-Coding Vulnerability

Sun, 31 Aug 2025 10:15:00 GMT

CVE-2025-9723 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 09:15:00 GMT

CVE-2025-9722 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 08:15:00 GMT

CVE-2025-9721 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 08:15:00 GMT

CVE-2025-9720 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 07:15:00 GMT

CVE-2025-9718 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 06:15:00 GMT

CVE-2025-9719 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 06:15:00 GMT

CVE-2025-9716 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 05:15:00 GMT

CVE-2025-9717 - O2OA Cross-Site Scripting Vulnerability

Sun, 31 Aug 2025 05:15:00 GMT

CVE-2025-5083 - WordPress Amministrazione Trasparente Stored Cross-Site Scripting

Sun, 31 Aug 2025 05:15:00 GMT

CVE-2025-47696 - Solwin Blog Designer PRO PHP Remote File Inclusion Vulnerability

Sun, 31 Aug 2025 04:15:00 GMT

CVE-2024-32589 - UkrSolution Barcode Scanner with Inventory Order Manager Missing Authorization

Sun, 31 Aug 2025 04:15:00 GMT

CVE-2024-32832 - Hamid Alinia Login with Phone Number Missing Authorization

Sun, 31 Aug 2025 04:15:00 GMT

CVE-2025-31100 - Mojoomla School Management Unrestricted File Upload Vulnerability

Sun, 31 Aug 2025 04:15:00 GMT

CVE-2025-9715 - O2OA Cross Site Scripting Vulnerability

Sun, 31 Aug 2025 01:15:00 GMT

CVE-2025-6992 - Apache Struts Command Evaluation Remote Code Execution

Sat, 30 Aug 2025 23:15:00 GMT

CVE-2025-9706 - SourceCodester Water Billing System SQL Injection Vulnerability

Sat, 30 Aug 2025 22:15:00 GMT

CVE-2025-9705 - SourceCodester Water Billing System SQL Injection Vulnerability

Sat, 30 Aug 2025 21:15:00 GMT

CVE-2025-9704 - SourceCodester Water Billing System SQL Injection Vulnerability

Sat, 30 Aug 2025 20:15:00 GMT

CVE-2025-9702 - SourceCodester Simple Cafe Billing System SQL Injection

Sat, 30 Aug 2025 19:15:00 GMT

CVE-2025-9701 - SourceCodester Simple Cafe Billing System SQL Injection

Sat, 30 Aug 2025 18:15:00 GMT

CVE-2025-9700 - SourceCodester Online Book Store SQL Injection Vulnerability

Sat, 30 Aug 2025 18:15:00 GMT

CVE-2025-9699 - SourceCodester Online Polling System Code SQL Injection

Sat, 30 Aug 2025 17:15:00 GMT

CVE-2025-9695 - GalleryVault Android Improper Component Export Vulnerability

Sat, 30 Aug 2025 16:15:00 GMT

CVE-2025-9692 - Campcodes Online Shopping System SQL Injection Vulnerability

Sat, 30 Aug 2025 15:15:00 GMT

CVE-2025-9694 - Campcodes Advanced Online Voting System SQL Injection

Sat, 30 Aug 2025 15:15:00 GMT

CVE-2012-10062 - Apache Friends XAMPP WebDAV Remote Code Execution Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2025-9690 - SourceCodester Advanced School Management System SQL Injection Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2025-9691 - Campcodes Online Shopping System SQL Injection

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2011-10032 - Sunway ForceControl SNMP NetDBServer Stack-Based Buffer Overflow Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2009-20009 - Belkin Bulldog Plus Stack-Based Buffer Overflow Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2009-20010 - Dogfood CRM Remote Command Execution Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2009-20011 - Impero Software ContentKeeper Web Appliance Remote Command Execution Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2010-10016 - BS.Player SEH Buffer Overflow

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2010-10017 - Windows Media Downloader Buffer Overflow Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2005-10004 - Cacti Remote Command Execution Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2008-20001 - ActivePDF WebGrabber Stack-Based Buffer Overflow Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2009-20008 - Green Dam Youth Escort Stack-Based Buffer Overflow Vulnerability

Sat, 30 Aug 2025 14:15:00 GMT

CVE-2025-9689 - SourceCodester Advanced School Management System SQL Injection Vulnerability

Sat, 30 Aug 2025 13:15:00 GMT

CVE-2025-9688 - Mupen64Plus Remote Integer Overflow Vulnerability

Sat, 30 Aug 2025 13:15:00 GMT

CVE-2025-0165 - IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL Injection Vulnerability

Sat, 30 Aug 2025 13:15:00 GMT

CVE-2025-9686 - Portabilis i-Educar SQL Injection Vulnerability

Sat, 30 Aug 2025 12:15:00 GMT

CVE-2025-9687 - Portabilis i-Educar Remote Authorization Bypass Vulnerability

Sat, 30 Aug 2025 12:15:00 GMT

CVE-2025-9685 - Portabilis i-Educar SQL Injection Vulnerability

Sat, 30 Aug 2025 11:15:00 GMT

CVE-2025-9684 - Portabilis i-Educar SQL Injection Vulnerability

Sat, 30 Aug 2025 11:15:00 GMT

CVE-2025-9682 - O2OA Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 10:15:00 GMT

CVE-2025-9683 - O2OA Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 10:15:00 GMT

CVE-2025-38677 - F2FS Linux Kernel Out-of-Boundary Access Vulnerability

Sat, 30 Aug 2025 10:15:00 GMT

CVE-2025-9681 - O2OA Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 09:15:00 GMT

CVE-2025-9680 - O2OA Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 07:15:00 GMT

CVE-2025-9679 - iSourcecode Student Information System SQL Injection Vulnerability

Sat, 30 Aug 2025 05:15:00 GMT

CVE-2025-9499 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 05:15:00 GMT

CVE-2025-9500 - TablePress Stored Cross-Site Scripting Vulnerability

Sat, 30 Aug 2025 05:15:00 GMT

CVE-2025-54942 - SUNNET Corporate Training Management System Authentication Bypass

Sat, 30 Aug 2025 04:15:00 GMT

CVE-2025-54943 - SUNNET Corporate Training Management System Authentication Bypass

Sat, 30 Aug 2025 04:15:00 GMT

CVE-2025-54944 - SUNNET Corporate Training Management System File Upload Code Execution Vulnerability

Sat, 30 Aug 2025 04:15:00 GMT

CVE-2025-54945 - SUNNET Corporate Training Management System Command Injection Vulnerability

Sat, 30 Aug 2025 04:15:00 GMT

CVE-2025-54946 - SUNNET Corporate Training Management System SQL Injection Vulnerability

Sat, 30 Aug 2025 04:15:00 GMT

CVE-2025-4956 - AA-Team Pro Bulk Watermark Plugin for WordPress Path Traversal Vulnerability

Sat, 30 Aug 2025 02:15:00 GMT

CVE-2025-9618 - WordPress Related Posts Lite CSRF

Sat, 30 Aug 2025 02:15:00 GMT

CVE-2025-34164 - NetSupport Manager Heap-Based Buffer Overflow Vulnerability

Sat, 30 Aug 2025 00:15:00 GMT

CVE-2025-34165 - NetSupport Manager Denial of Service and Information Leak Buffer Overflow

Sat, 30 Aug 2025 00:15:00 GMT

CVE-2025-58159 - WeGIA Web Manager Remote Code Execution Vulnerability

Fri, 29 Aug 2025 23:15:00 GMT

CVE-2025-58068 - Eventlet HTTP Request Smuggling Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-58156 - Centurion ERP Information Disclosure Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-58157 - Gnark Fake-GLV Algorithm Denial of Service Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-58160 - Tracing-Subscriber ANSI Escape Sequence Injection

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-9678 - Campcodes Online Loan Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-55173 - Next.js Image Optimization File Download Content Injection Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-57752 - Next.js Image Optimization API Cache Key Confusion Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-57822 - Next.js SSRF Vulnerability

Fri, 29 Aug 2025 22:15:00 GMT

CVE-2025-9676 - NCSOFT Universe App Android Application Component Export Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2025-9677 - Modo Legend of the Phoenix Android Application Component Export Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2025-9675 - Voice Changer App AndroidManifest.xml Component Export Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2025-58066 - Ntpd-rs NTS Protocol Denial of Service Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2025-58067 - Basecamp Google Sign-In Open Redirect Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2025-9674 - Transbyte Scooper News App Android Application Component Export Vulnerability

Fri, 29 Aug 2025 21:15:00 GMT

CVE-2024-46484 - TRENDnet TV-IP410 OS Command Injection

Fri, 29 Aug 2025 20:15:00 GMT

CVE-2025-56577 - Evope Core Cryptographic Key Disclosure

Fri, 29 Aug 2025 20:15:00 GMT

CVE-2025-9671 - UAB Paytend App Android Component Export Vulnerability

Fri, 29 Aug 2025 20:15:00 GMT

CVE-2025-9672 - Rejseplanen App Android Manifest XML Component Export Vulnerability

Fri, 29 Aug 2025 20:15:00 GMT

CVE-2025-9673 - Kakao Hey Kakao App Android Manifest XML Component Export Vulnerability

Fri, 29 Aug 2025 20:15:00 GMT

CVE-2025-9670 - Mixmark-io Turndown Regular Expression Denial of Service (ReDoS)

Fri, 29 Aug 2025 19:15:00 GMT

CVE-2025-9667 - Code-Projects Simple Grading System SQL Injection

Fri, 29 Aug 2025 19:15:00 GMT

CVE-2025-9669 - Jinher OA SQL Injection Vulnerability

Fri, 29 Aug 2025 19:15:00 GMT

CVE-2023-41471 - Copyparty Cross Site Scripting Vulnerability

Fri, 29 Aug 2025 19:15:00 GMT

CVE-2025-43773 - Liferay Portal Remote Code Execution Vulnerability

Fri, 29 Aug 2025 19:15:00 GMT

CVE-2025-9666 - Code-projects Simple Grading System SQL Injection Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30271 - QNAP Operating System Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30272 - QNAP NULL Pointer Dereference Denial-of-Service Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30273 - QNAP QTS/QuTS hero Out-of-Bounds Write Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30274 - QNAP QTS and QuTS hero NULL Pointer Dereference Denial-of-Service

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30275 - Qsync Central NULL Pointer Denial-of-Service Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30277 - Qsync Central Certificate Validation Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30278 - QNAP Qsync Central Certificate Validation Weakness

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-33032 - QNAP QTS and QuTS hero Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-33033 - Qsync Central Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-33036 - Qsync Central Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-33037 - Qsync Central Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-33038 - Qsync Central Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-44015 - HybridDesk Station Command Injection Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-44033 - Oa System SQL Injection Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-52856 - VioStor Improper Authentication Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-52861 - VioStor Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-58158 - Harness Git LFS Arbitrary File Write Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-9377 - TP-Link Archer C7/EU and TL-WR841N/ND(MS) Remote Command Execution Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-9665 - Code-projects Simple Grading System SQL Injection Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30264 - QNAP QTS Command Injection Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30265 - QNAP QTS and QuTS hero Buffer Overflow Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30267 - QNAP QTS NULL Pointer Denial-of-Service Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30268 - QNAP QTS/QuTS NULL Pointer Dereference Denial-of-Service

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2025-30270 - QNAP QTS/QuTS Path Traversal Vulnerability

Fri, 29 Aug 2025 18:15:00 GMT

CVE-2024-12923 - Photo Station Cross-Site Scripting (XSS) Vulnerability

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-22483 - QNAP License Center Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-29874 - ASUSTek File Station NULL Pointer Dereference Denial of Service

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-29875 - ASUSTek File Station NULL Pointer Dereference Denial of Service

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-29878 - ASUSTek File Station NULL Pointer Denial of Service

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-29879 - ASUSTek File Station NULL Pointer Dereference DoS Vulnerability

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-55579 - SolidInvoice Cross Site Scripting (XSS)

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-55580 - SolidInvoice Cross Site Scripting (XSS)

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-55763 - CivetWeb URI Parser Buffer Overflow Remote Code Execution

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-9660 - SourceCodester Bakeshop Online Ordering System SQL Injection

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-9662 - Simple Grading System SQL Injection Vulnerability in Admin Panel

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-9663 - Simple Grading System SQL Injection Vulnerability

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2025-9664 - Simple Grading System SQL Injection Vulnerability

Fri, 29 Aug 2025 17:15:00 GMT

CVE-2024-46916 - Diebold Nixdorf Vynamic Security Suite File Deletion Code Execution Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2024-46917 - Diebold Nixdorf Vynamic Security Suite Arbitrary File Execution Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-47909 - Apache CSRF Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-54877 - Tuleap Unauthorized Artifact Field Access

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-55177 - WhatsApp iOS/WhatsApp Business for iOS/WhatsApp for Mac URL Processing Authorization Bypass

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-55202 - Opencast Path Traversal Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-55750 - Gitpod Bitbucket OAuth Token Exposure

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-5808 - OpenText Self Service Password Reset Authentication Bypass Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-9656 - PHPGurukul Directory Management System Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-9657 - O2OA Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-9658 - O2OA Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-9659 - O2OA Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 16:15:00 GMT

CVE-2025-54080 - Exiv2 Out-of-Bounds Read Denial of Service

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-55304 - Exiv2 ICC Profile Parsing Denial-of-Service Vulnerability

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-9652 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-9653 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-9654 - AiondaDotCom mcp-ssh Command Injection Vulnerability

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-9655 - O2OA Cross Site Scripting Vulnerability

Fri, 29 Aug 2025 15:15:00 GMT

CVE-2025-9649 - Appneta Tcpreplay Division-by-Zero Vulnerability

Fri, 29 Aug 2025 14:15:00 GMT

CVE-2025-9650 - Yeqifu CarRental File Path Traversal Vulnerability

Fri, 29 Aug 2025 14:15:00 GMT

CVE-2025-9651 - Shafhasan Chatbox SQL Injection Vulnerability

Fri, 29 Aug 2025 14:15:00 GMT

CVE-2025-9644 - iSourcecode Apartment Management System SQL Injection

Fri, 29 Aug 2025 13:15:00 GMT

CVE-2025-9645 - iSourcecode Apartment Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 13:15:00 GMT

CVE-2025-9646 - O2OA Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 13:15:00 GMT

CVE-2025-9647 - Mtons MBlog Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 13:15:00 GMT

CVE-2025-40702 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS) Vulnerability

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40703 - OpenAtlas Cross-Site Scripting (XSS) Vulnerability

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40704 - OpenAtlas XSS: Unvalidated User Input in "/insert/edition" "/name" Parameter

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40705 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40706 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40707 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS) Vulnerability

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40708 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-40709 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2025-9643 - ApacheCampus Apartment Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 12:15:00 GMT

CVE-2024-13342 - Booster for WooCommerce Remote File Upload Vulnerability

Fri, 29 Aug 2025 11:15:00 GMT

CVE-2025-9217 - Slider Revolution WordPress Path Traversal Vulnerability

Fri, 29 Aug 2025 11:15:00 GMT

CVE-2025-9071 - Oberon PSA Crypto RSA Padding Vulnerability

Fri, 29 Aug 2025 10:15:00 GMT

CVE-2025-4643 - Payload JWT Authentication Token Reuse Vulnerability

Fri, 29 Aug 2025 10:15:00 GMT

CVE-2025-4644 - Payload SQLite Adapter Session Fixation

Fri, 29 Aug 2025 10:15:00 GMT

CVE-2025-7071 - Oberon Microsystems AG Ocrypto AES-CBC Padding Oracle Attack

Fri, 29 Aug 2025 10:15:00 GMT

CVE-2025-7383 - Oberon PSA Crypto Padding Oracle Attack

Fri, 29 Aug 2025 10:15:00 GMT

CVE-2025-8150 - Elementor Events Addon Stored Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 09:15:00 GMT

CVE-2024-13987 - Synology RADIUS Server Cross-site Scripting Vulnerability

Fri, 29 Aug 2025 08:15:00 GMT

CVE-2025-54777 - Fuji Xerox bizhub S/MIME Email Certificate Denial-of-Service Vulnerability

Fri, 29 Aug 2025 07:15:00 GMT

CVE-2025-53508 - iND Co.,Ltd iND Command Injection Vulnerability

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-8147 - WordPress LWSCache Plugin Authorization Bypass

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-8290 - WordPress List Subpages Stored Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-8619 - Elementor OSM Map Widget Stored Cross-Site Scripting Vulnerability

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-9374 - Ultimate Tag Warrior Importer CSRF

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-9441 - WordPress iATS Online Forms SQL Injection

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-53507 - iND Co.,Ltd iND Product Sensitive Information Disclosure

Fri, 29 Aug 2025 05:15:00 GMT

CVE-2025-9610 - Code-projects Online Event Judging System SQL Injection

Fri, 29 Aug 2025 04:16:00 GMT

CVE-2025-9619 - Mercatus ERP Remote Resource ID Manipulation Vulnerability

Fri, 29 Aug 2025 04:16:00 GMT

CVE-2025-9639 - Ai3 QbiCRMGateway Arbitrary File Reading Vulnerability

Fri, 29 Aug 2025 04:16:00 GMT

CVE-2025-8857 - Changing Clinic Image System Hard-Coded Credentials Vulnerability

Fri, 29 Aug 2025 04:15:00 GMT

CVE-2025-8858 - Changing Clinic Image System SQL Injection Vulnerability

Fri, 29 Aug 2025 04:15:00 GMT

CVE-2025-8861 - Changing TSA Missing Authentication Vulnerability

Fri, 29 Aug 2025 04:15:00 GMT

CVE-2025-9609 - Portabilis i-Educar Improper Authorization Remote Code Execution

Fri, 29 Aug 2025 04:15:00 GMT

CVE-2025-9608 - Portabilis i-Educar Formula de Cálculo de Média Page SQL Injection

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-9606 - Portabilis i-Educar SQL Injection Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-9607 - Portabilis i-Educar SQL Injection Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58330 - Apache HTTP Server Unvalidated User Input

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58331 - Apache HTTP Server Unvalidated User Input

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58333 - Apache HTTPD Cross-Site Request Forgery

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-9605 - Tenda AC21/AC23 Stack-Based Buffer Overflow Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58328 - Apache HTTP Server Unvalidated User Input

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-58326 - Apache HTTP Server Unvalidated User Input

Fri, 29 Aug 2025 03:15:00 GMT

CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability

Fri, 29 Aug 2025 02:15:00 GMT

CVE-2025-9604 - Coze-Studio Hardcoded Cryptographic Key Vulnerability

Fri, 29 Aug 2025 02:15:00 GMT

CVE-2025-9601 - iSourcecode Apartment Management System SQL Injection

Fri, 29 Aug 2025 02:15:00 GMT

CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass

Fri, 29 Aug 2025 02:15:00 GMT

CVE-2025-43268 - Apple macOS Sequoia Root Privilege Escalation

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-43284 - Apple macOS Out-of-Bounds Read Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-54142 - Akamai Ghost HTTP Request Smuggling

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-9599 - iSourcecode Apartment Management System SQL Injection

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-9600 - Isourcecode Apartment Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2024-44271 - Apple macOS Sequoia Screen Recording Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2024-54554 - Apple macOS Sequoia Symlink Data Access Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2024-54568 - Apple macOS Sequoia Unexpected App Termination Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-40927 - Perl CGI::Simple HTTP Response Splitting Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-43187 - Apple macOS HDIUTIL Code Execution Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-43255 - Apple macOS IOMemoryDescriptor Out-of-Bounds Read Vulnerability

Fri, 29 Aug 2025 01:15:00 GMT

CVE-2025-48979 - UISP Command Injection Vulnerability

Fri, 29 Aug 2025 00:15:00 GMT

CVE-2025-9595 - Code-projects Student Information Management System Cross Site Scripting Vulnerability

Fri, 29 Aug 2025 00:15:00 GMT

CVE-2025-9596 - iSourcecode Sports Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 00:15:00 GMT

CVE-2025-9597 - Itsoucecode Apartment Management System SQL Injection Vulnerability

Fri, 29 Aug 2025 00:15:00 GMT

CVE-2025-9598 - Apache Management System SQL Injection

Fri, 29 Aug 2025 00:15:00 GMT

CVE-2025-58062 - OpenMCP Client OS Command Injection Vulnerability

Thu, 28 Aug 2025 23:15:00 GMT

CVE-2025-9593 - iSourcecode Apartment Management System SQL Injection Vulnerability

Thu, 28 Aug 2025 23:15:00 GMT

CVE-2025-9594 - iSourcecode Apartment Management System SQL Injection

Thu, 28 Aug 2025 23:15:00 GMT

CVE-2025-9591 - ZrLog Cross-Site Scripting Vulnerability in Theme Configuration Form

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-9592 - iSourcecode Apartment Management System SQL Injection Vulnerability

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-58058 - xz LZMA Header Buffer Overflow Vulnerability

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-58061 - OpenEBS Local PV RawFile World Readable Persistent Volume Data

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-9589 - Cudy WR1200EA Default Password Disclosure

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-9590 - Weaver E-Mobile Mobile Management Platform Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 22:15:00 GMT

CVE-2025-9585 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 21:15:00 GMT

CVE-2025-9586 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 21:15:00 GMT

CVE-2025-6203 - HashiCorp Vault CPU and Memory Exhaustion Vulnerability

Thu, 28 Aug 2025 20:15:00 GMT

CVE-2025-9582 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 20:15:00 GMT

CVE-2025-9583 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 20:15:00 GMT

CVE-2025-9584 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 20:15:00 GMT

CVE-2025-57220 - Tenda AC10 Privilege Escalation Remote Code Execution

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-9577 - TOTOLINK X2000R Default Credentials Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-9579 - LB-LINK BL-X26 HTTP Handler OS Command Injection Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-9580 - LB-LINK BL-X26 HTTP Handler OS Command Injection Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-9581 - Comfast CF-N1 Command Injection Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-57215 - Tenda AC10 Stack Overflow Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-57219 - Tenda AC10 Unauthenticated Privilege Escalation Vulnerability

Thu, 28 Aug 2025 19:15:00 GMT

CVE-2025-58048 - Paymenter File Upload Arbitrary Code Execution

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-58049 - XWiki Platform Unencrypted Cookies Storage Vulnerability

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-58059 - Valtimo Business Process Automation Remote Code Execution and Data Access Vulnerability

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-9195 - Solidigm DC Products Firmware Denial of Service

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-9575 - Linksys Router CGI Upload Command Injection Vulnerability

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-9576 - Seeedstudio ReSpeaker LinkIt7688 Unauthenticated Default Credentials Disclosure

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-31971 - AIML Solutions for HCL SX SSRF

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-57217 - Tenda AC10 Stack Overflow Vulnerability

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-57218 - Tenda AC10 Stack Overflow Vulnerability

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-58047 - Plone Volto NodeJS Server Crash

Thu, 28 Aug 2025 18:15:00 GMT

CVE-2025-57759 - Contao Unauthenticated Permission Bypass Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-57819 - FreePBX Unauthenticated Remote Code Execution Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-58334 - JetBrains IDE Services Privilege Escalation Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-58335 - JetBrains Junie Remote Information Disclosure Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-31979 - HCL BigFix SM File Upload Validation Bypass

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-57756 - Contao Information Disclosure Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-57757 - Contao RSS Feed Information Disclosure Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-57758 - Contao Table Access Voter Privilege Escalation Vulnerability

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-31977 - HCL BigFix SM Cryptographic Weakness

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2025-31972 - HCL BigFix SM Sensitive Information Exposure

Thu, 28 Aug 2025 17:15:00 GMT

CVE-2024-13986 - Nagios XI Remote Code Execution Vulnerability

Thu, 28 Aug 2025 16:15:00 GMT

CVE-2025-25010 - Kibana Privilege Escalation Vulnerability

Thu, 28 Aug 2025 16:15:00 GMT

CVE-2025-29364 - Spim Simulator Spim Buffer Overflow Vulnerability

Thu, 28 Aug 2025 16:15:00 GMT

CVE-2025-51643 - Meitrack T366G-L GPS Tracker Unauthenticated SPI Flash Chip Extraction

Thu, 28 Aug 2025 16:15:00 GMT

CVE-2025-57767 - Asterisk SIP Authorization Header Null Pointer Dereference Vulnerability

Thu, 28 Aug 2025 16:15:00 GMT

CVE-2025-52054 - Tenda AC8 MAC Address Guessable Root Password Vulnerability

Thu, 28 Aug 2025 15:16:00 GMT

CVE-2025-54995 - Asterisk Resource Exhaustion and Leak Vulnerability

Thu, 28 Aug 2025 15:16:00 GMT

CVE-2025-55583 - D-Link DIR-868L Command Injection Vulnerability

Thu, 28 Aug 2025 15:16:00 GMT

CVE-2025-56236 - FormCms Stored XSS Vulnerability

Thu, 28 Aug 2025 15:16:00 GMT

CVE-2025-8067 - Udisks D-BUS Loop Device Handler Index Validation Bypass

Thu, 28 Aug 2025 15:16:00 GMT

CVE-2024-48908 - Lychee Link Checking Action Arbitrary Code Injection Vulnerability

Thu, 28 Aug 2025 15:15:00 GMT

CVE-2025-51969 - PuneethReddyHC Online Shopping System SQL Injection

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-51971 - PuneethReddyHC Online Shopping System Reflected XSS

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-51972 - PuneethReddyHC Online Shopping System SQL Injection

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-9578 - Acronis Cyber Protect Cloud Agent Windows Insecure Folder Permissions Privilege Escalation

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2024-49790 - IBM Watson Studio on Cloud Pak for Data Cross-Site Scripting (XSS)

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-51967 - ProjectsAndPrograms School Management System Reflected Cross-site Scripting (XSS)

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-51968 - PuneethReddyHC Online Shopping System SQL Injection

Thu, 28 Aug 2025 14:15:00 GMT

CVE-2025-54724 - Golo Cross-site Scripting (XSS)

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54725 - Uxper Golo Authentication Bypass

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54731 - YouTube Showcase Object Injection Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54733 - Miles All Bootstrap Blocks Authentication Bypass

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54734 - BPlugins B Slider Missing Authorization Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54738 - NooTheme Jobmonster Authentication Bypass

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54742 - Magepeopleteam WpEvently Untrusted Data Deserialization Object Injection Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-58123 - Checkmk Exchange Plugin SSL/TLS Certificate Validation Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-58124 - Checkmk Exchange Certificate Validation Bypass

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-58125 - Freebox Checkmk Exchange Plugin SSL Certificate Validation Bypass

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-58126 - VMware vSAN Checkmk Exchange Plugin SSL/TLS Man-in-the-Middle Attack Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-58127 - Dell Powerscale Certificate Validation Weakness

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53588 - UKR Solution UPC/EAN/GTIN Code Generator Path Traversal

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54029 - WooCommerce CSV Import Export Path Traversal

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54710 - Tiktok Feed Missing Authorization Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54714 - Zephyr Project Manager Missing Authorization Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54716 - Ovatheme Ireca PHP Remote File Inclusion Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54720 - SteelThemes Nest Addons SQL Injection

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53337 - Ashan Perera LifePress Missing Authorization Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53572 - eMarket-Design WP Easy Contact Object Injection Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53576 - Ovatheme Events PHP Local File Inclusion Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53578 - Gavias Kipso PHP Remote File Inclusion Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53579 - Captcha.eu Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53583 - Emarket-Design Employee Spotlight Deserialization of Untrusted Data Object Injection

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-53584 - WP Ticket Customer Service Software Support Ticket System Object Injection Vulnerability

Thu, 28 Aug 2025 13:16:00 GMT

CVE-2025-54762 - D-Link Media Server Remote File Upload and Command Execution Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-48963 - Acronis Cyber Protect Cloud Agent Privilege Escalation Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-58072 - Sony SS Path Traversal Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-52460 - SS1 Remote File Access Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-46409 - Samsung Smart TV Weak Encryption Authentication Bypass

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-53970 - Apache SS Remote File Upload and Command Execution Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-54819 - Samsung SSD Path Traversal Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-53396 - SS1 Privilege Escalation Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-58081 - SS1 Root File Access Vulnerability

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2024-58240 - Linux Kernel TLS Use-After-Free (UAF)

Thu, 28 Aug 2025 11:16:00 GMT

CVE-2025-58322 - NAVER MYBOX Explorer Local Privilege Escalation Vulnerability

Thu, 28 Aug 2025 08:15:00 GMT

CVE-2025-6255 - WooCommerce Dynamic AJAX Product Filters Stored Cross-Site Scripting

Thu, 28 Aug 2025 07:15:00 GMT

CVE-2025-8073 - WooCommerce Dynamic AJAX Product Filters Stored Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 07:15:00 GMT

CVE-2024-13807 - Xagio SEO Plugin for WordPress Sensitive Information Exposure

Thu, 28 Aug 2025 06:15:00 GMT

CVE-2025-7955 - RingCentral Communications WordPress Authentication Bypass

Thu, 28 Aug 2025 06:15:00 GMT

CVE-2025-7956 - Apache Ajax Search Lite Information Exposure Vulnerability

Thu, 28 Aug 2025 06:15:00 GMT

CVE-2025-8977 - WordPress Simple Download Monitor SQL Injection

Thu, 28 Aug 2025 05:15:00 GMT

CVE-2025-8603 - Unlimited Elements For Elementor WordPress Stored Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 04:16:00 GMT

CVE-2025-9345 - Managefy Plugin Path Traversal Vulnerability

Thu, 28 Aug 2025 04:16:00 GMT

CVE-2025-9346 - Booking Calendar for WordPress Stored Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 04:16:00 GMT

CVE-2024-9648 - WordPress WP ULike Pro File Upload Vulnerability

Thu, 28 Aug 2025 04:15:00 GMT

CVE-2025-0951 - LiquidThemes WordPress Theme and Plugin Unauthorized Access Vulnerability

Thu, 28 Aug 2025 04:15:00 GMT

CVE-2025-36003 - IBM Security Verify Governance Identity Manager Information Disclosure Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-57845 - Apache HTTP Server Remote Code Execution Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-7812 - Video Share VOD WordPress CSRF Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-8897 - Beaver Builder WordPress Page Builder Reflected Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-9344 - UsersWP WordPress Stored Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-9352 - Pronamic Google Maps for WordPress Stored Cross-Site Scripting Vulnerability

Thu, 28 Aug 2025 03:15:00 GMT

CVE-2025-34160 - AnyShare ServiceAgent API Remote Code Execution Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34162 - Bian Que Feijiu Intelligent Emergency and Quality Control System SQL Injection Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34163 - Dongsheng Logistics Software Remote Code Execution (RCE)

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34520 - Arcserve Unified Data Protection Authentication Bypass Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34521 - Arcserve Unified Data Protection (UDP) Reflected Cross-Site Scripting (XSS) Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34522 - Arcserve Unified Data Protection Heap-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-34523 - Arcserve Unified Data Protection (UDP) Remote Heap-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13982 - SPON IP Network Broadcast System Arbitrary File Read Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13984 - QiAnXin TianQing Management Center RPTSVR Path Traversal Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13985 - Dahua EIMS Command Injection Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13979 - St. Joe ERP System SQL Injection Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13980 - H3C Intelligent Management Center Remote Command Execution Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2024-13981 - LiveBOS Arbitrary File Upload Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2023-7309 - Dahua Smart Park Integrated Management Platform SOAP Path Traversal Remote Code Execution Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2018-25115 - D-Link DIR-series Router Privilege Escalation Remote Command Execution Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2023-7307 - Sangfor Behavior Management System XXE Injection Vulnerability

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2023-7308 - NSFOCUS SecGate3600 Authentication Bypass Information Disclosure

Wed, 27 Aug 2025 22:15:00 GMT

CVE-2025-40779 - Kea DHCPv4 Assertion Failure Vulnerability

Wed, 27 Aug 2025 21:15:00 GMT

CVE-2025-5101 - GitLab Code Injection Vulnerability

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2024-37777 - O2OA Remote Code Execution Vulnerability

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-2246 - GitLab Unauthenticated GraphQL API Access Vulnerability

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-3601 - GitLab Denial of Service (DoS) in URL Processing

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-4225 - GitLab GraphQL Denial-of-Service Vulnerability

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-55582 - D-Link DCS-825L Persistent Privilege Escalation and Arbitrary Code Execution

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-55618 - Hyundai Navigation App Cross-Site Scripting Vulnerability

Wed, 27 Aug 2025 20:15:00 GMT

CVE-2025-55495 - Tenda AC6 Buffer Overflow Vulnerability

Wed, 27 Aug 2025 19:15:00 GMT

CVE-2025-58050 - PCRE2 Heap-Buffer-Overflow Read Vulnerability

Wed, 27 Aug 2025 19:15:00 GMT

CVE-2025-58196 - UiCore Elements Cross-site Scripting Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58197 - Simple Download Monitor Cross-site Scripting (XSS)

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58198 - Xpro Theme Builder Missing Authorization

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58201 - AfterShip Tracking Missing Authorization Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58202 - WordPress Simple Page Access Restriction CSRF

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58203 - Solace Extra SSRF Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58204 - Eric Teubert Podlove Podcast Publisher Open Redirect Phishing

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58205 - ElementInvader Elementor DOM-Based Cross-site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58208 - Elementor Forms + Drag And Drop Template Builder Cross-site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58209 - rtCamp Transcoder Cross-Site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58211 - Alexvtn Chatbox Manager Stored Cross-site Scripting Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58212 - Epeken All Kurir DOM-Based Cross-site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58213 - Trafft Booking System Stored Cross-Site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58216 - WordPress Thumbtack Review Slider Cross-Site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58217 - GeroNikolov Instant Breaking News CSRF Stored XSS

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58218 - Enituretechnology Small Package Quotes – USPS Edition Object Injection Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-50979 - NodeBB SQL Injection

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-51667 - Simple-Admin-Core SQL Injection Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-55422 - FoxCMS Reflected Cross Site Scripting (XSS)

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58192 - Xylus Themes WP Bulk Delete Missing Authorization Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58193 - Uncanny Automator Missing Authorization Vulnerability

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58194 - Boldthemes Bold Page Builder Stored Cross-Site Scripting (XSS)

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-58195 - Xpro Elementor Addons Cross-site Scripting

Wed, 27 Aug 2025 18:15:00 GMT

CVE-2025-57821 - Basecamp Open-Redirect Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-5187 - Kubernetes NodeRestriction OwnerReference Deletion Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20241 - Cisco Nexus IS-IS Protocol Denial of Service Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20262 - Cisco Nexus PIM6 Ephemeral Query Processing Remote Denial of Service

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20290 - Cisco NX-OS Software Insecure Logging Disclosure

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20292 - Cisco NX-OS CLI Command Injection Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20294 - Cisco UCS Manager Software CLI and Web-Based Management Interface Command Injection Vulnerabilities

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20295 - Cisco UCS Manager CLI File System Privilege Escalation Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20296 - Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20317 - Cisco IMC vKVM Cross-Site Scripting (XSS)

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20342 - Cisco IMC vKVM Stored XSS

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20344 - Cisco Nexus Dashboard Path Traversal Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20347 - Cisco Nexus Dashboard and NDFC REST API Endpoint Authorization Bypass

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-20348 - Cisco Nexus Dashboard and Fabric Controller Unauthorized File Access and Modification

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-34157 - Coolify Stored XSS Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-34159 - Coolify Docker Compose Remote Code Execution Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-34161 - Coolify Remote Code Execution Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-50428 - RaspAP Raspap-webgui Command Injection Vulnerability

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-50977 - Apache Wicket Template Injection Cross-Site Scripting (XSS)

Wed, 27 Aug 2025 17:15:00 GMT

CVE-2025-50978 - Gitblit Reflected Cross-Site Scripting (XSS) Vulnerability

Wed, 27 Aug 2025 16:15:00 GMT

CVE-2025-50983 - Readarr SQLite Database SQL Injection

Wed, 27 Aug 2025 16:15:00 GMT

CVE-2025-50984 - Diskover-Web Elasticsearch Boolean Blind SQL Injection

Wed, 27 Aug 2025 16:15:00 GMT

CVE-2025-54598 - eBay Bevy Event CSRF Vulnerability

Wed, 27 Aug 2025 16:15:00 GMT

CVE-2025-53105 - GLPI Unauthenticated Rule Reordering Vulnerability

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-9533 - TOTOLINK T10 Remote Authentication Bypass Vulnerability

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-50972 - AbanteCart SQL Injection Vulnerability

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-50985 - Diskover-web Community Edition Cross-Site Scripting (XSS)

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-50986 - Diskover-web Stored Cross-Site Scripting Vulnerabilities

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-50989 - OPNsense Authenticated Command Injection Vulnerability

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-52122 - CraftCMS Freeform SSTI Vulnerability

Wed, 27 Aug 2025 15:15:00 GMT

CVE-2025-43728 - Dell ThinOS Protection Mechanism Failure Remote Bypass Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-43729 - Dell ThinOS Incorrect Permission Assignment for Critical Resource Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-43730 - Dell ThinOS Command Argument Injection Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-43882 - Dell ThinOS Unverified Ownership Unauthorized Access

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-56694 - Lumasoft fotoShare Cloud Authentication Bypass

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9527 - Linksys E1700 Stack-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9528 - Linksys E1700 OS Command Injection Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9529 - Campcodes Payroll Management System Remote File Inclusion Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9531 - Portabilis i-Educar Agenda Module SQL Injection

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9532 - Portabilis i-Educar SQL Injection Vulnerability

Wed, 27 Aug 2025 14:15:00 GMT

CVE-2025-9525 - Linksys E1700 Stack-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 13:15:00 GMT

CVE-2025-9526 - Linksys E1700 Remote Stack-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 13:15:00 GMT

CVE-2025-30059 - Apache PrepareCDExportSQL Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30060 - Apache HTTP Server SQL Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30061 - Apache HTTP Server SQL Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30063 - Apache HTTP Server Unsecured Configuration File Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30064 - Apache ThrustSession JWT Session Hijacking Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-9523 - Tenda AC1206 Stack-Based Buffer Overflow Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-2313 - HP Print pl Arbitrary Code Execution Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30036 - "Oddział Ward Stored XSS"

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30037 - Apache HTTP Server Unauthenticated Remote Access

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30038 - CGM CLININET Session ID Leak

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30039 - Apache CliniNET Unauthenticated Session Takeover Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30040 - Apache CliniNET Information Disclosure

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30041 - Apache CliniNET Session ID Exposure Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30048 - Apache Server Unauthenticated Access to Configuration Credentials

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30055 - Apache Struts JavaScript Caching Remote Code Execution Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30056 - Apache Shell Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30057 - Microsoft UHCRTFDoc Command Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2025-30058 - Apache PatientService SQL Injection Vulnerability

Wed, 27 Aug 2025 11:15:00 GMT

CVE-2021-4459 - Sunny Boy Path Traversal Vulnerability

Wed, 27 Aug 2025 08:15:00 GMT

CVE-2025-57846 - Fortinet i-Filter Privilege Escalation Vulnerability

Wed, 27 Aug 2025 06:15:00 GMT

CVE-2025-9511 - iSourcecode Apartment Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 06:15:00 GMT

CVE-2025-9513 - Apache editso fuso RsaAndAesHandshake Encryption Strength Vulnerability

Wed, 27 Aug 2025 06:15:00 GMT

CVE-2025-9514 - "Macrozheng Mall Registration Weak Password Requirements Remote RCE"

Wed, 27 Aug 2025 06:15:00 GMT

CVE-2025-57797 - Fujitsu ScanSnap Manager Privilege Escalation Vulnerability

Wed, 27 Aug 2025 06:15:00 GMT

CVE-2025-9510 - iSourcecode Apartment Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 05:15:00 GMT

CVE-2025-48081 - Printeers Print Ship Path Traversal Vulnerability

Wed, 27 Aug 2025 05:15:00 GMT

CVE-2025-9508 - iSourcecode Apartment Management System SQL Injection

Wed, 27 Aug 2025 05:15:00 GMT

CVE-2025-9509 - itsourcecode Apartment Management System SQL Injection

Wed, 27 Aug 2025 05:15:00 GMT

CVE-2025-49039 - Mibuthu Link View Stored Cross-Site Scripting

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-49040 - Backup Bolt CSRF Vulnerability

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-9504 - Campcodes Online Loan Management System SQL Injection

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-9505 - Campcodes Online Loan Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-9506 - Campcodes Online Loan Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-9507 - iSourcecode Apartment Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 04:16:00 GMT

CVE-2025-49035 - "Chaimchaikin Admin Menu Groups Cross-site Scripting"

Wed, 27 Aug 2025 04:15:00 GMT

CVE-2025-7732 - WordPress Lazy Load for Videos Stored Cross-Site Scripting

Wed, 27 Aug 2025 03:15:00 GMT

CVE-2025-9502 - Campcodes Online Loan Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 03:15:00 GMT

CVE-2025-9503 - Campcodes Online Loan Management System SQL Injection Vulnerability

Wed, 27 Aug 2025 03:15:00 GMT

CVE-2025-8490 - All-in-One WP Migration and Backup Stored Cross-Site Scripting Vulnerability

Wed, 27 Aug 2025 00:15:00 GMT

CVE-2025-35114 - Agiloft Default Credentials Privilege Escalation

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-35115 - Agiloft Insecure Package Download Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-57820 - Svelte Devalue Prototype Pollution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-9277 - SiteSEO - WordPress Stored Cross-Site Scripting

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-35113 - Agiloft Remote Code Execution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22411 - Cisco SDP Use After Free Remote Code Execution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22412 - Apache SDP Server Use-After-Free Remote Code Execution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22413 - Apache HTTP Server Privilege Escalation Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-26417 - Google Android Confused Deputy Local Information Disclosure

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-35112 - Agiloft XML External Entities (XXE)

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22407 - BlueZ Use After Free Remote Information Disclosure

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22408 - Citrix NetScaler Use-After-Free Remote Code Execution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22409 - RFC TS Frames Use After Free Local Privilege Escalation

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22410 - Apache HTTP Server Use-After-Free Remote Code Execution Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0086 - Android AccountManager Service Token Overwrite Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0092 - Google Android Bond Permission Bypass

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0093 - Android Device AdapterService Remote Information Disclosure Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22403 - "Vulnerability in Google SDP's SDP Discovery Service: Arbitrary Code Execution"

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22404 - Qualcomm AvCT LCB Act Use After Free Privilege Escalation

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22405 - Apache HTTP Server Use After Free Arbitrary Code Execution

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-22406 - Apache OpenWRT bnep Use After Free Local Privilege Escalation

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0082 - Oracle Java Confused Deputy Image Disclosure

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0083 - Apache HTTP Server Information Disclosure Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0084 - Qualcomm Bluetooth HFP Use After Free Remote Code Execution

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-0081 - Adobe DNG JPEG Uninitialized Data Crash Vulnerability

Tue, 26 Aug 2025 23:15:00 GMT

CVE-2025-9492 - Campcodes Online Water Billing System SQL Injection Vulnerability

Tue, 26 Aug 2025 22:15:00 GMT

CVE-2024-35203 - Mahara Cross-Site Scripting (XSS) Vulnerability

Tue, 26 Aug 2025 21:15:00 GMT

CVE-2024-47192 - Mahara File Download Vulnerability

Tue, 26 Aug 2025 21:15:00 GMT

CVE-2025-50971 - AbanteCart Directory Traversal Vulnerability

Tue, 26 Aug 2025 20:15:00 GMT

CVE-2025-52353 - Badaso CMS Arbitrary Code Execution Vulnerability

Tue, 26 Aug 2025 20:15:00 GMT

CVE-2025-55443 - Telpo MDM Plaintext Credentials and MQTT Server Exposure

Tue, 26 Aug 2025 20:15:00 GMT

CVE-2025-23307 - NVIDIA NeMo Curator Remote Code Execution Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-23312 - NVIDIA NeMo Framework Code Injection Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-23313 - NVIDIA NeMo Framework NLP Component Code Injection Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-23314 - NVIDIA NeMo Framework NLP Code Injection Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-23315 - NVIDIA NeMo Framework Code Injection Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-50975 - IPFire Stored XSS in Firewall CGI Interface

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-9478 - Google Chrome ANGLE Use-After-Free Vulnerability

Tue, 26 Aug 2025 19:15:00 GMT

CVE-2025-50976 - IPFire 2 DNS Management Interface Reflected Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 18:15:00 GMT

CVE-2025-55298 - ImageMagick Format String Vulnerability

Tue, 26 Aug 2025 18:15:00 GMT

CVE-2025-57803 - ImageMagick Heap Corruption Vulnerability

Tue, 26 Aug 2025 18:15:00 GMT

CVE-2025-57818 - Firecrawl SSRF Vulnerability

Tue, 26 Aug 2025 18:15:00 GMT

CVE-2025-1994 - IBM Cognos Command Center Deserialization Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-2697 - IBM Cognos Command Center Open Redirect Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-36729 - "Fortinet Web Interface Unauthorized Access and Privilege Escalation"

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-50974 - IPFire Calamaris Log Exporter Remote Code Execution

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-52184 - Helpy.io Cross Site Scripting (XSS)

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-55212 - ImageMagick Denial of Service Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-57425 - SourceCodester FAQ Management System Stored XSS Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-9491 - Microsoft Windows LNK File Remote Code Execution Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-1494 - IBM Cognos Command Center Clickjacking Vulnerability

Tue, 26 Aug 2025 17:15:00 GMT

CVE-2025-57810 - jsPDF High CPU Utilization Denial of Service Vulnerability

Tue, 26 Aug 2025 16:15:00 GMT

CVE-2025-57813 - traP traQ Exposed OAuth Tokens in SQL Error Logs

Tue, 26 Aug 2025 16:15:00 GMT

CVE-2025-56432 - Nagios XI Cross-Site Scripting (XSS)

Tue, 26 Aug 2025 16:15:00 GMT

CVE-2025-52219 - SelectZero Data Observability Platform Open Redirect Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-6366 - WordPress Event List Plugin Privilege Escalation Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25732 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units EEPROM Access Control Bypass Privilege Escalation

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25733 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units SPI Flash Chip Access Control Bypass

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25734 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) Boot Process Privilege Escalation

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25735 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) SPI Flash Modification Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25736 - Kapsch TrafficCom RIS-9260 RSU Android Debug Bridge Root Access

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-25737 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) Unprotected BIOS Authentication

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-52035 - NotesCMS Stored XSS Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-52036 - NotesCMS Stored XSS Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-52037 - NotesCMS Stored XSS Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-52217 - SelectZero Data Observability Platform HTML Injection Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2025-52218 - SelectZero Data Observability Platform Content Spoofing Vulnerability

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2024-39335 - Mahara Information Disclosure Vulnerability

Groups -> Submissions.

Severity: 0.0 | NA

Tue, 26 Aug 2025 15:15:00 GMT

CVE-2024-47853 - Mahara LTI Privilege Escalation Vulnerability

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-29992 - Mahara Database Connection Information Disclosure

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-50753 - Mitrastar GPT-2741GNAC-N2 SSH Command Injection Vulnerability

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-55526 - n8n-workflows Directory Traversal Vulnerability

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-8424 - Citrix NetScaler ADC and Gateway Unauthenticated Remote Command Injection

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-9481 - Linksys Router Stack-Based Buffer Overflow Vulnerability

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-9482 - "Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability"

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-9483 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2024-45753 - Mahara External RSS Feed Block Cross-Site Scripting (XSS)

Tue, 26 Aug 2025 14:15:00 GMT

CVE-2025-8700 - Invoice Ninja macOS Debugging Entitlement Vulnerability

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-9190 - "Cursor macOS Local Privilege Escalation (Unauthenticated Code Execution)"

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-38676 - "AMD IOMMU Stack Buffer Overflow"

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-53811 - Mosh-Pro macOS RunAsNode Arbitrary Code Execution

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-53813 - Nozbe macOS Arbitrary Code Execution (TCC Permission Escalation)

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-7775 - Citrix NetScaler Remote Code Execution and Denial of Service Vulnerability

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-7776 - Citrix NetScaler Memory Overflow Denial of Service

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-8597 - MacVim macOS Local Debugger Bypass

Tue, 26 Aug 2025 13:15:00 GMT

CVE-2025-1501 - CMC Unauthenticated Access Control Bypass

Tue, 26 Aug 2025 11:15:00 GMT

CVE-2025-44002 - TeamViewer RCE

Tue, 26 Aug 2025 11:15:00 GMT

CVE-2025-29901 - Asustor File Station NULL Pointer Dereference Denial of Service

Tue, 26 Aug 2025 10:15:00 GMT

CVE-2025-48108 - Mojoomla School Management Missing Authorization Vulnerability

Tue, 26 Aug 2025 10:15:00 GMT

CVE-2025-6247 - "WordPress Automatic Plugin CSRF Vulnerability"

Tue, 26 Aug 2025 09:15:00 GMT

CVE-2025-53418 - Delta Electronics COMMGR Stack-based Buffer Overflow

Tue, 26 Aug 2025 07:15:00 GMT

CVE-2025-53419 - Delta Electronics COMMGR Code Injection Vulnerability

Tue, 26 Aug 2025 07:15:00 GMT

CVE-2025-57704 - Delta Electronics EIP Builder XML External Entity Information Disclosure

Tue, 26 Aug 2025 07:15:00 GMT

CVE-2024-8860 - Tourfic for WordPress Unauthenticated Data Modification Vulnerability

Tue, 26 Aug 2025 07:15:00 GMT

The latest scientific papers co-authored by staff from ANSSI's labs

Tue, 26 Aug 2025 07:00:00 GMT

CVE-2025-41702 - EgOS WebGUI Cryptographic Key Disclosure Vulnerability

Tue, 26 Aug 2025 06:15:00 GMT

CVE-2025-9475 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability

Tue, 26 Aug 2025 06:15:00 GMT

CVE-2025-9476 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability

Tue, 26 Aug 2025 06:15:00 GMT

CVE-2025-5931 - Dokan Pro WordPress Privilege Escalation via Account Takeover

Tue, 26 Aug 2025 05:15:00 GMT

CVE-2025-9472 - iSourcecode Apartment Management System SQL Injection Vulnerability

Tue, 26 Aug 2025 05:15:00 GMT

CVE-2025-9473 - SourceCodester Online Bank Management System SQL Injection Vulnerability

Tue, 26 Aug 2025 05:15:00 GMT

CVE-2025-9474 - Mihomo Party Local File Inclusion Vulnerability

Tue, 26 Aug 2025 05:15:00 GMT

CVE-2025-9471 - iSourcecode Apartment Management System SQL Injection

Tue, 26 Aug 2025 04:16:00 GMT

CVE-2025-9470 - iSourcecode Apartment Management System SQL Injection Vulnerability

Tue, 26 Aug 2025 04:16:00 GMT

CVE-2025-9172 - WordPress Vibes Plugin SQL Injection Vulnerability

Tue, 26 Aug 2025 04:15:00 GMT

CVE-2025-9468 - iSourcecode Apartment Management System SQL Injection Vulnerability

Tue, 26 Aug 2025 04:15:00 GMT

CVE-2025-9469 - iSourcecode Apartment Management System SQL Injection

Tue, 26 Aug 2025 04:15:00 GMT

CVE-2025-9443 - Tenda CH22 Buffer Overflow Vulnerability

Tue, 26 Aug 2025 03:15:00 GMT

CVE-2025-9444 - "1000projects Online Project Report Submission and Evaluation System SQL Injection Vulnerability"

Tue, 26 Aug 2025 03:15:00 GMT

CVE-2025-9461 - Diyhi BBS File Compression Handler Information Disclosure Vulnerability

Tue, 26 Aug 2025 03:15:00 GMT

CVE-2025-9440 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-9438 - 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-9439 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-8447 - GitHub Enterprise Server Code Access Bypass

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-9433 - Mtons MBlog Remote Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-9434 - "1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability"

Tue, 26 Aug 2025 02:15:00 GMT

CVE-2025-9430 - Mtons Mblog Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 01:15:00 GMT

CVE-2025-9431 - Mtons MBlog Cross-Site Scripting Vulnerability

Tue, 26 Aug 2025 01:15:00 GMT

CVE-2025-9432 - Mtons MBlog Cross Site Scripting Vulnerability

Tue, 26 Aug 2025 01:15:00 GMT

CVE-2025-9429 - Mtons Mblog Cross Site Scripting Vulnerability

Tue, 26 Aug 2025 00:15:00 GMT

CVE-2025-9424 - "Ruijie WS7204-A Remote File Inclusion Vulnerability"

Mon, 25 Aug 2025 23:15:00 GMT

CVE-2025-9425 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Mon, 25 Aug 2025 23:15:00 GMT

CVE-2025-9426 - iSourcecode Online Tour and Travel Management System SQL Injection

Mon, 25 Aug 2025 23:15:00 GMT

CVE-2025-9423 - Campcodes Online Water Billing System SQL Injection

Mon, 25 Aug 2025 23:15:00 GMT

CVE-2025-9420 - iSourcecode Apartment Management System SQL Injection Vulnerability

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-9421 - iSourcecode Apartment Management System SQL Injection Vulnerability

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-9422 - Samarium OITcode Team Image Handler Cross-Site Scripting Vulnerability

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-57805 - Scratch Channel Unauthenticated Article Publishing Vulnerability

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-57809 - XGrammar Infinite Recursion Vulnerability

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-57814 - Apache Request-Filtering-Agent SSRF Bypass

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-8627 - TP-Link KP303 Unauthenticated Remote Command Injection

Mon, 25 Aug 2025 22:15:00 GMT

CVE-2025-9419 - iSourcecode Apartment Management System SQL Injection

Mon, 25 Aug 2025 21:15:00 GMT

CVE-2025-57804 - Apache H2 HTTP/2 Request Smuggling Vulnerability

Mon, 25 Aug 2025 21:15:00 GMT

CVE-2025-6188 - Arista EOS UDP Port 3503 Remote Denial of Service and Authentication Bypass

Mon, 25 Aug 2025 21:15:00 GMT

CVE-2025-9418 - itsourcecode Apartment Management System SQL Injection Vulnerability

Mon, 25 Aug 2025 21:15:00 GMT

CVE-2025-3456 - Arista EOS Clear Text Encryption Key Disclosure

Mon, 25 Aug 2025 20:15:00 GMT

CVE-2025-52130 - WebErpMesv2 File Upload RCE

Mon, 25 Aug 2025 20:15:00 GMT

CVE-2025-9416 - "Oitcode Samarium Pages Image Handler Cross-Site Scripting Vulnerability"

Mon, 25 Aug 2025 20:15:00 GMT

CVE-2025-9417 - iSourcecode Apartment Management System SQL Injection Vulnerability

Mon, 25 Aug 2025 20:15:00 GMT

CVE-2025-9414 - Kodbox Server-Download SSRF Vulnerability

Mon, 25 Aug 2025 19:15:00 GMT

CVE-2025-9415 - GreenCMS Unrestricted File Upload Vulnerability

Mon, 25 Aug 2025 19:15:00 GMT

CVE-2025-57802 - Airlink Docker Bind Mount Symlink Privilege Escalation Vulnerability

Mon, 25 Aug 2025 18:15:00 GMT

CVE-2025-57811 - Craft Server-Side Template Injection Remote Code Execution Vulnerability

Mon, 25 Aug 2025 18:15:00 GMT

CVE-2025-9412 - LostVip.com Ruoyi-Go Remote SQL Injection

Mon, 25 Aug 2025 18:15:00 GMT

CVE-2025-9413 - LostVIP Ruoyi-Go SQL Injection Vulnerability

Mon, 25 Aug 2025 18:15:00 GMT

CVE-2025-50383 - Easy!Appointments SQL Injection

Mon, 25 Aug 2025 18:15:00 GMT

CVE-2025-29420 - PerfreeBlog Directory Traversal Vulnerability

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-29421 - PerfreeBlog Arbitrary File Read Vulnerability

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-50722 - Apache Sparkshop Unauthenticated Remote Code Execution

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-53120 - "Juniper Unified PAM Remote Code Execution via Path Traversal"

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-57760 - Langflow Privilege Escalation Vulnerability

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-57772 - DataEase H2 JDBC RCE Bypass

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-57773 - DataEase JNDI Injection Vulnerability

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-6737 - Securden Unified PAM Remote Vendor Gateway Authentication Bypass

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-9410 - LostVIP Ruoyi-go SQL Injection Vulnerability

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-9411 - "LostVIP.com Ruoyi-go SQL Injection Vulnerability"

Mon, 25 Aug 2025 17:15:00 GMT

CVE-2025-46411 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-48005 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-52461 - Biosig Project Libbiosig Nex Parsing Out-of-Bounds Read Information Leak

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-52581 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-53511 - The Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-53518 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-53557 - Biosig Project Libbiosig MFER Parsing Heap-Based Buffer Overflow

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-53853 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54370 - PhpOffice/PhpSpreadsheet SSRF Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54462 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54480 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54481 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

16) fprintf(stderr,"Warning MFER tag2 incorrect length %i>16\n",len); curPos += ifread(&v,1,len,hdr); v[len] = 0;

In this case, the overflowed buffer is the newly-declared `v` [1] instead of `buf`. Since `v` is only 17 bytes large, much smaller values of `len` (even those encoded using a single octet) can trigger an overflow in this code path.

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54482 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

4) fprintf(stderr,"Warning MFER tag4 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54483 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

NS; if (len>4) fprintf(stderr,"Warning MFER tag5 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54484 - Biosig Project libbiosig MFER Parsing Stack Buffer Overflow

4) fprintf(stderr,"Warning MFER tag6 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54485 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

2) fprintf(stderr,"Warning MFER tag8 incorrect length %i>2\n",len); curPos += ifread(buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54486 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

6) fprintf(stderr,"Warning MFER tag11 incorrect length %i>6\n",len); double fval; curPos += ifread(buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54487 - The Biosig Project libbiosig MFER Parsing Stack Buffer Overflow

6) fprintf(stderr,"Warning MFER tag12 incorrect length %i>6\n",len); val32 = 0; int8_t v8; curPos += ifread(&UnitCode,1,1,hdr); curPos += ifread(&v8,1,1,hdr); curPos += ifread(buf,1,len-2,hdr);

In addition to values of `len` greater than 130 triggering a buffer overflow, a value of `len` smaller than 2 will also trigger a buffer overflow due to an integer underflow when computing `len-2` in this code path.

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54488 - "The Biosig Project libbiosig Stack-Based Buffer Overflow"

8) fprintf(stderr,"Warning MFER tag13 incorrect length %i>8\n",len); curPos += ifread(&buf,1,len,hdr);

Severity: 9.8 | CRITICAL

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54489 - The Biosig Project libbiosig MFER Parsing Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54490 - The Biosig Project libbiosig Stack-Based Buffer Overflow

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54491 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54492 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54493 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-54494 - Biosig Project libbiosig MFER Parsing Stack-Based Buffer Overflow Vulnerability

Mon, 25 Aug 2025 14:15:00 GMT

CVE-2025-9407 - Mtons MBlog Cross-Site Scripting Vulnerability

Mon, 25 Aug 2025 11:15:00 GMT

CVE-2025-48303 - Kevin Langley Jr. Post Type Converter CSRF Vulnerability

Mon, 25 Aug 2025 10:15:00 GMT

CVE-2025-8562 - WordPress Custom Query Shortcode Path Traversal

Mon, 25 Aug 2025 10:15:00 GMT

CVE-2025-7426 - Mnova TTA FTP Debug Port Authentication Bypass Information Disclosure

Mon, 25 Aug 2025 09:15:00 GMT

CVE-2025-5191 - Moxa SerialInterfaceService Unquoted Search Path Privilege Escalation

Mon, 25 Aug 2025 08:15:00 GMT

CVE-2025-54300 - "Joomla Quantum Manager SVG Upload Stored XSS"

Mon, 25 Aug 2025 07:15:00 GMT

CVE-2025-54301 - Quantum Manager Joomla Stored XSS

Mon, 25 Aug 2025 07:15:00 GMT

CVE-2025-8997 - OpenText Enterprise Security Manager Information Exposure Vulnerability

Mon, 25 Aug 2025 07:15:00 GMT

CVE-2025-9118 - Google Cloud Dataform Path Traversal Vulnerability

Mon, 25 Aug 2025 07:15:00 GMT

CVE-2025-5514 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module HTTP Request Delay Denial of Service Vulnerability

Mon, 25 Aug 2025 06:15:00 GMT

CVE-2025-9405 - Open5GS Remote Assertion Vulnerability

Mon, 25 Aug 2025 04:15:00 GMT

CVE-2025-9406 - Apache Mossle CMS Unrestricted File Upload Vulnerability

Mon, 25 Aug 2025 04:15:00 GMT

CVE-2025-9403 - jqlang jq JSON Parser Local Assertion Vulnerability

Mon, 25 Aug 2025 03:15:00 GMT

CVE-2025-9404 - Scada-LTS Cross-Site Scripting Vulnerability

Mon, 25 Aug 2025 03:15:00 GMT

CVE-2025-9402 - HuangDou UTCMS Server-Side Request Forgery (SSRF) in Config Handler

Mon, 25 Aug 2025 02:15:00 GMT

CVE-2025-9399 - YiFang CMS SQL Injection Vulnerability

Mon, 25 Aug 2025 01:15:00 GMT

CVE-2025-9400 - YiFang CMS Unrestricted File Upload Vulnerability

Mon, 25 Aug 2025 01:15:00 GMT

CVE-2025-9401 - HuangDou UTCMS Remote Code Execution Vulnerability

Mon, 25 Aug 2025 01:15:00 GMT

CVE-2025-9398 - YiFang CMS Migrate.php Information Disclosure

Mon, 25 Aug 2025 00:15:00 GMT

CVE-2025-9396 - lrzip Null Pointer Dereference Vulnerability

Sun, 24 Aug 2025 23:15:00 GMT

CVE-2025-9397 - Givanz Vvveb Unrestricted File Upload Vulnerability

Sun, 24 Aug 2025 23:15:00 GMT

CVE-2025-9395 - Wangsongyan Wblog SRFO (Server-Side Request Forgery)

Sun, 24 Aug 2025 22:15:00 GMT

CVE-2025-9393 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Sun, 24 Aug 2025 16:15:00 GMT

CVE-2025-9394 - PoDoFo PDF Dictionary Parser Use After Free Vulnerability

Sun, 24 Aug 2025 16:15:00 GMT

CVE-2025-9392 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Sun, 24 Aug 2025 15:15:00 GMT

CVE-2025-9391 - Bjskzy Zhiyou ERP SQL Injection

Sun, 24 Aug 2025 15:15:00 GMT

CVE-2025-9390 - Vim xxd Buffer Overflow Vulnerability

Sun, 24 Aug 2025 14:15:00 GMT

CVE-2025-9388 - Scada-LTS Cross-Site Scripting

Sun, 24 Aug 2025 13:15:00 GMT

CVE-2025-9389 - Vim Local Memory Corruption Vulnerability

Sun, 24 Aug 2025 13:15:00 GMT

CVE-2025-9387 - DCN DCME-720 Web Management Backend OS Command Injection

Sun, 24 Aug 2025 12:15:00 GMT

CVE-2025-9385 - Appneta TCPreplay Use After Free Vulnerability

Sun, 24 Aug 2025 11:15:00 GMT

CVE-2025-9386 - AppNeta Tcpreplay Use After Free Vulnerability

Sun, 24 Aug 2025 11:15:00 GMT

CVE-2025-9383 - FNKvision Y215 CCTV Camera Weak Hash Local Privilege Escalation Vulnerability

Sun, 24 Aug 2025 10:15:00 GMT

CVE-2025-9384 - Appneta TCPreplay Local Null Pointer Dereference Vulnerability

Sun, 24 Aug 2025 10:15:00 GMT

CVE-2025-9382 - FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability

Sun, 24 Aug 2025 08:15:00 GMT

CVE-2025-9381 - FNKvision Y215 CCTV Camera File Disclosure Vulnerability

Sun, 24 Aug 2025 08:15:00 GMT

CVE-2025-9379 - Belkin AX1800 Firmware Update Handler Remote Authentication Bypass

Sun, 24 Aug 2025 07:15:00 GMT

CVE-2025-9380 - FNKvision Y215 CCTV Camera Firmware Hard-coded Credentials Vulnerability

Sun, 24 Aug 2025 07:15:00 GMT

CVE-2025-8208 - Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

Sun, 24 Aug 2025 06:15:00 GMT

CVE-2025-36157 - IBM Jazz Foundation Unauthorized File Update Vulnerability

Sun, 24 Aug 2025 02:15:00 GMT

CVE-2025-36174 - IBM Integrated Analytics System File Upload Arbitrary Code Execution Vulnerability

Sun, 24 Aug 2025 02:15:00 GMT

CVE-2025-9362 - Linksys Router Stack-Based Buffer Overflow Vulnerability

Sat, 23 Aug 2025 14:15:00 GMT

CVE-2025-9363 - Linksys Wi-Fi Router Stack-Based Buffer Overflow Vulnerability

Sat, 23 Aug 2025 14:15:00 GMT

CVE-2025-9361 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Sat, 23 Aug 2025 12:15:00 GMT

CVE-2025-9360 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Sat, 23 Aug 2025 11:15:00 GMT

CVE-2025-9359 - Linksys Wireless Router Stack-Based Buffer Overflow

Sat, 23 Aug 2025 10:15:00 GMT

CVE-2025-9358 - Linksys RE Series Stack-Based Buffer Overflow

Sat, 23 Aug 2025 08:15:00 GMT

CVE-2025-5060 - Bravis User WordPress Authentication Bypass Vulnerability

Sat, 23 Aug 2025 07:15:00 GMT

CVE-2025-5352 - Lunary Analytics NEXT_PUBLIC_CUSTOM_SCRIPT Stored XSS Vulnerability

Sat, 23 Aug 2025 07:15:00 GMT

CVE-2025-5821 - WordPress Case Theme User Plugin Authentication Bypass

Sat, 23 Aug 2025 07:15:00 GMT

CVE-2025-9357 - Linksys Wi-Fi Router Stack-Based Buffer Overflow Vulnerability

Sat, 23 Aug 2025 06:15:00 GMT

CVE-2025-7813 - Eventin WordPress Plugin SSRF Vulnerability

Sat, 23 Aug 2025 06:15:00 GMT

CVE-2025-9048 - WordPress Wptobe-memberships Plugin File Deletion Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-9131 - Ogulo – 360° Tour WordPress Stored Cross-Site Scripting Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7842 - Silencesoft RSS Reader Plugin CSRF Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7957 - WordPress ShortcodeHub Stored Cross-Site Scripting Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-8062 - WordPress WS Theme Addons Stored Cross-Site Scripting Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7839 - WordPress Restore Permanently Delete Post or Page Data CSRF

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7841 - Sertifier Certificate Badge Maker for WordPress - Tutor LMS Cross-Site Request Forgery (CSRF)

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7827 - Ni WooCommerce Customer Product Report Unauthorized Data Modification

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7828 - WordPress WP Filter Combine RSS Feeds Unauthenticated Data Deletion Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7642 - WordPress Simpler Checkout Plugin Authentication Bypass

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-7821 - WordPress WC Plus Favicon Logo Base Unauthorized Modification Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-43766 - Liferay Portal/DPX Remote Code Execution Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-43764 - Liferay Portal Liferay DXP Regular Expression Denial of Service

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-43765 - Liferay Portal Stored Cross-Site Scripting Vulnerability

Sat, 23 Aug 2025 05:15:00 GMT

CVE-2025-43767 - Liferay Portal Open Redirect

Sat, 23 Aug 2025 04:15:00 GMT

CVE-2025-58043 - Apache HTTP Server Unvalidated User Input

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58042 - Apache HTTP Server Cross-Site Request Forgery

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58041 - Apache HTTP Server Cross-Site Request Forgery

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58040 - Apache HTTP Server Authentication Bypass

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58039 - Apache Struts Remote Code Execution

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58036 - Apache HTTP Server Unvalidated User Input

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58037 - Apache Solr SQL Injection

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58038 - Apache Struts Command Injection

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-43769 - Liferay Portal Liferay DXP Stored Cross-Site Scripting (XSS) Vulnerability

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-58035 - Apache HTTP Server Unvalidated User Input

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-22860 - Norton Antivirus Unvalidated Redirect to Arbitrary URL

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-22861 - Apache Struts Command Injection

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-22863 - Apache HTTP Server Cross-Site Request Forgery

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-22864 - Apache HTTP Server Command Injection

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-24468 - Apache HTTP Server Cross-Site Request Forgery

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-24469 - Apache HTTP Server Unvalidated User Input

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-43768 - Liferay Portal Unauthenticated Admin Data Disclosure

Sat, 23 Aug 2025 03:15:00 GMT

CVE-2025-43770 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Sat, 23 Aug 2025 02:15:00 GMT

CVE-2025-8193 - Apache HTTP Server Information Disclosure Vulnerability

Fri, 22 Aug 2025 23:15:00 GMT

CVE-2025-52450 - Tableau Server Path Traversal

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-52451 - Salesforce Tableau Server Absolute Path Traversal Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-55455 - DooTask Authenticated Arbitrary Download Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-9355 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-9356 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2022-45133 - Mahara XML Font Font Traversal Code Execution Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-26496 - Tableau Type Confusion Local Code Inclusion Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-26497 - Tableau Server Absolute Path Traversal Vulnerability

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-26498 - Salesforce Tableau Server File Upload Arbitrary File Write

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-43761 - Liferay Portal and DXP Reflected Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2025-4609 - Google Chrome Mojo Sandbox Escape

Fri, 22 Aug 2025 21:15:00 GMT

CVE-2022-31491 - Voltronic Power Remote Code Execution

Fri, 22 Aug 2025 20:15:00 GMT

CVE-2022-43110 - Voltronic Power ViewPower and PowerShield Netguard Unauthenticated Remote Command Execution

Fri, 22 Aug 2025 20:15:00 GMT

CVE-2025-57801 - Gnark EdDSA/ECDSA Signature Malleability

Fri, 22 Aug 2025 20:15:00 GMT

CVE-2025-43762 - Liferay Portal File Upload Denial of Service

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-4650 - Apache Web Meta Service SQL Injection Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-50858 - Easy Hosting Control Panel (EHCP) Reflected Cross-Site Scripting Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-50859 - Easy Hosting Control Panel (EHCP) Reflected Cross-Site Scripting

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-51092 - VishnuSivadasVS LogIn-SignUp SQL Injection

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-54812 - Apache Log4cxx Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-54813 - Apache Log4cxx JSONLayout Log Injection Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-55454 - DooTask RCE File Upload Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-6791 - Centreon Web SQL Injection Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-43759 - Liferay Portal Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2025-43758 - Liferay Portal Unauthenticated File Access Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2022-45134 - Mahara XML Deserialization Code Execution Vulnerability

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2024-48988 - Apache StreamPark SQL Injection

Fri, 22 Aug 2025 19:15:00 GMT

CVE-2024-50645 - MallChat Authentication Bypass

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2024-52786 - Anji-Plus AJ-Report Authentication Bypass Remote Code Execution

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2024-53496 - Apache My-site Unauthenticated Access Control Bypass

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2024-53499 - Jeewms SQL Injection

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-43760 - Liferay Portal Reflected Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-52085 - Yoosee SQL Injection Vulnerability

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-52287 - OperaMasks SDK ELite Script Engine RCE via Deserialization

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-55581 - D-Link DCS-825L Persistent Root Code Execution Vulnerability

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-55613 - Tenda O3V2 Buffer Overflow Vulnerability

Fri, 22 Aug 2025 18:15:00 GMT

CVE-2025-57770 - Zitadel Username Enumeration Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-57771 - Roo Code Command Injection Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-57800 - Audiobookshelf OpenID Connect Callback URL Redirect Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55622 - Reolink Task Hijacking Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55623 - Reolink Android Debug Bridge Authentication Bypass

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55624 - Reolink Intent Redirection Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55625 - Reolink Open Redirect Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55626 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell Chime IDOR

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55627 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Privilege Escalation

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55629 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell Password Manipulation Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55630 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Authentication Bypass

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55631 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Session Management Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55634 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Unauthenticated DoS

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55637 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Command Injection Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55745 - UnoPim Laravel Formula Injection Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-57105 - D-Link DI-7400G+ Router Command Injection Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2024-50644 - Zhisheng17 Blog Authentication Bypass Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2024-53494 - SpringBootBlog Unauthenticated Access Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55398 - Mouse07410 Asn1c Integer Constraint Enforcement Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55619 - Reolink Hardcoded Encryption Key and Initialization Vector Vulnerability

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55620 - Reolink XSS

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55621 - Reolink IDOR

Fri, 22 Aug 2025 17:15:00 GMT

CVE-2025-55606 - Tenda AX3 Buffer Overflow Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55611 - D-Link DIR-619L Buffer Overflow Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55741 - UnoPim Laravel Mass Delete Privilege Escalation Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38665 - Linux Kernel CAN NULL Pointer Dereference Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38666 - AppleTalk Linux Kernel Appletalk AARP Race Condition Use-After-Free

Severity: 0.0 | NA

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38667 - Linux iio Buffer Overflow

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38668 - Linux Kernel Regulator NULL Pointer Dereference Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38669 - Linux Kernel DRM GEM NULL Pointer Dereference Vulnerability

dmabuf. v3: - cc stable

Severity: 0.0 | NA

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38670 - Linux kernel ARM64 DAIF Masking Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38671 - Linux Kernel i2c Qup Timeout Information Disclosure Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38672 - Linux Kernel - NULL Pointer Dereference in drm_gem_object

dmabuf. v3: - cc stable

Severity: 0.0 | NA

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38673 - Linux Kernel - Null Pointer Dereference in DRM GEM Object Instance

dmabuf. v3: - cc stable

Severity: 0.0 | NA

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38674 - Linux Kernel DRM Prime DMA Buffer NULL Pointer Dereference Vulnerability

dmabuf. v3: - cc stable

Severity: 0.0 | NA

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-38675 - Linux Kernel Xfrm State Pointer Initialization Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-43751 - Liferay Portal User Enumeration Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-50674 - OpenMediaVault Root Privilege Escalation Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-50733 - NextChat AI Chat Interface Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-51605 - Shopizer CORS Misconfiguration Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-52094 - PDQ Smart Deploy Local Privilege Escalation Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-52095 - PDQ Smart Deploy Privilege Escalation Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-53363 - Dpanel Arbitrary File Read Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55599 - D-Link DIR-619L Buffer Overflow Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55602 - D-Link DIR-619L Buffer Overflow

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55603 - Tenda AX3 NTP Buffer Overflow

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-55605 - Tenda AX3 Buffer Overflow Vulnerability

Fri, 22 Aug 2025 16:15:00 GMT

CVE-2025-33120 - IBM QRadar SIEM Privilege Escalation Vulnerability

Fri, 22 Aug 2025 15:15:00 GMT

CVE-2025-36042 - IBM QRadar SIEM Cross-Site Scripting Vulnerability

Fri, 22 Aug 2025 15:15:00 GMT

CVE-2025-55573 - QuantumNous new-api Remote Cross Site Scripting (XSS)

Fri, 22 Aug 2025 15:15:00 GMT

CVE-2009-10006 - UFO: Alien Invasion IRC Client Buffer Overflow

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2024-56179 - MindManager File Attachment Directory Traversal Vulnerability

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2024-58239 - Linux TLS Merger Vulnerability

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-38616 - Linux TLS ULP Data Disappearance Out-of-Bounds Read

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-38617 - Linux Kernel Packet Netdev Up Event Race Condition

bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history.

Severity: 0.0 | NA

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-38618 - vsock: VMADDR_PORT_ANY Binding Vulnerability

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-50691 - MCSManager Root Privilege Escalation Vulnerability

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-51825 - JeecgBoot SQL Injection Vulnerability

Fri, 22 Aug 2025 14:15:00 GMT

CVE-2025-57890 - Pierre Lannoy Sessions Cross-site Scripting

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57891 - Wpecommerce Stored Cross-site Scripting

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57892 - Jeff Starr Simple Statistics for Feeds CSRF Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57893 - Epsiloncool WP Fast Total Search CSRF Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57894 - WPPizza Missing Authorization Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57895 - JobWP CSRF Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57896 - Church Admin Missing Authorization Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9254 - Uniong WebITR Authentication Bypass

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9255 - Uniong WebITR SQL Injection

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9256 - Uniong WebITR Arbitrary File Reading Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9257 - Uniong WebITR Arbitrary File Reading Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9258 - Uniong WebITR Arbitrary File Reading Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9259 - Uniong WebITR Arbitrary File Reading Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9331 - Spacious WordPress Cross-Site Request Forgery (CSRF) and Authentication Bypass

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57884 - Wpsoul Greenshift Missing Authorization Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57885 - Shahjahan Jewel Fluent Support CSRF Vulnerability

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57886 - Equalize Digital Accessibility Checker Authorization Bypass

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57887 - NooTheme Jobmonster Cross-Site Scripting (XSS)

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-57888 - NooTheme Jobmonster Information Disclosure

Fri, 22 Aug 2025 12:15:00 GMT

CVE-2025-9340 - Bouncy Castle for Java BC-FIPS Out-of-Bounds Write Vulnerability

Fri, 22 Aug 2025 10:15:00 GMT

CVE-2025-9341 - Bouncy Castle for Java FIPS: Uncontrolled Resource Consumption in AESNativeCBC Java API

Fri, 22 Aug 2025 09:15:00 GMT

CVE-2025-8678 - WordPress WP Crontrol SSRF

Fri, 22 Aug 2025 08:15:00 GMT

CVE-2025-57699 - Western Digital Kitfox for Windows Unquoted Service Path Privilege Escalation Vulnerability

Fri, 22 Aug 2025 07:15:00 GMT

Call for expressions of interest [closed]

Fri, 22 Aug 2025 07:13:00 GMT

CVE-2025-8281 - Talroo WordPress Reflected Cross-Site Scripting

Fri, 22 Aug 2025 06:15:00 GMT

CVE-2025-41452 - Danfoss AK-SM8xxA Series Web Interface Configuration Setting Vulnerability

Fri, 22 Aug 2025 03:15:00 GMT

CVE-2025-41451 - Danfoss AK-SM8xxA Series Command Injection

Fri, 22 Aug 2025 03:15:00 GMT

CVE-2025-43752 - Liferay Portal File Upload Denial of Service (DoS) Vulnerability

Fri, 22 Aug 2025 01:16:00 GMT

CVE-2023-3948 - CVE-2021-4034: Cisco ASA SSL/TLS Downgrade Vulnerability

Thu, 21 Aug 2025 23:15:00 GMT

CVE-2023-4131 - CVE-2022-1234: OpenSSL SSL/TLS Denial of Service

Thu, 21 Aug 2025 23:15:00 GMT

CVE-2023-4143 - Apache Struts Remote Code Execution Vulnerability

Thu, 21 Aug 2025 23:15:00 GMT

CVE-2025-43753 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Thu, 21 Aug 2025 23:15:00 GMT

CVE-2009-20004 - GAlan Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20007 - Seagull FTP Client Stack-based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20034 - Gekko Manager FTP Client FTP Buffer Overflow

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20107 - FTP Synchronizer Professional FTP Server Stack-Based Buffer Overflow

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20108 - FTPPad Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20113 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20114 - VariCAD EN Stack-Based Buffer Overflow

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20115 - Arcane Software Vermillion FTP Daemon PORT Command Memory Corruption Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20120 - Maple Maplet Remote Code Execution

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20122 - Xftp FTP Client Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2010-20123 - Steinberg MyMP3Player Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2025-43747 - Liferay DXP SSRF

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2025-51606 - Hippo4J JWT Secret Key Hard-Coded Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2009-20003 - Xenorate Windows Multimedia Player Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2009-20002 - Millenium MP3 Studio Stack-Based Buffer Overflow

Thu, 21 Aug 2025 21:15:00 GMT

CVE-2025-55231 - Microsoft Windows Storage Race Condition Remote Code Execution

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55230 - Microsoft Windows MBT Transport Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55229 - Microsoft Windows Certificate Spoofing Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55106 - Esri Portal for ArcGIS Enterprise Sites Stored Cross-site Scripting Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55107 - Esri Portal for ArcGIS Enterprise Sites Cross-Site Scripting (XSS)

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55105 - Esri Portal for ArcGIS Enterprise Sites Stored Cross-site Scripting Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-53795 - Microsoft PC Manager Privilege Escalation Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-54460 - Apache Hadoop HDFS File Upload Vulnerability (Privilege Escalation)

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55103 - Esri Portal for ArcGIS Enterprise Sites Stored XSS

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-55104 - ArcGIS HUB and ArcGIS Enterprise Sites Stored XSS

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-10015 - AOL Phobos.dll Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-20109 - Barracuda Path Traversal Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-20111 - Digital Music Pad Buffer Overflow Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-20112 - Amlib NetOpacs Webquery.dll Stack Buffer Overflow and Control Flow Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-20119 - CommuniCrypt Mail Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2010-20121 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-24489 - Apache File Upload Remote Code Execution

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-27714 - Apache File Upload Remote Code Execution Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-27721 - INFINITT PACS Unauthenticated System Manager Access

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-3128 - Mitsubishi Electric smartRTU Remote Command Execution

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-41415 - Adobe Publication Target Information Disclosure

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-51989 - Evolution Consulting Kft. HRmaster HTML Injection Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-53763 - Azure Databricks Privilege Escalation Vulnerability

Thu, 21 Aug 2025 20:15:00 GMT

CVE-2025-38742 - Dell iDRAC Service Module (iSM) Local Code Execution

Thu, 21 Aug 2025 19:15:00 GMT

CVE-2025-38743 - Dell iDRAC Buffer Access with Incorrect Length Value Elevation of Privileges

Thu, 21 Aug 2025 19:15:00 GMT

CVE-2025-57751 - Apache pyLoad Server-Side Request Forgery (SSRF) Vulnerability

Thu, 21 Aug 2025 19:15:00 GMT

CVE-2024-50641 - PandoraNext TokensTool Authentication Bypass

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-43754 - Liferay Portal/Boundary Information Disclosure

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-52351 - Aikaan IoT Management Platform Password Disclosure

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-52352 - Aikaan IoT Management Platform Sign-up API Authentication Bypass

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-55523 - Agent-Zero Directory Traversal Vulnerability

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-55524 - Agent-Zero Privilege Escalation Vulnerability

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-57768 - Phproject Stored Cross-Site Scripting (XSS)

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-7051 - N-central Syslog Configuration Privilege Escalation Vulnerability

Thu, 21 Aug 2025 18:15:00 GMT

CVE-2025-55522 - Akaunting XSS Injection

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57754 - Supabase URI Exposure in eslint-ban-moment

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57755 - Claude-code-router CORS Credential Exposure

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57761 - WeGIA Web Manager SQL Injection Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57762 - WeGIA Web Manager Stored Cross-Site Scripting (XSS) Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57763 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57764 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-57765 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS) Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-6465 - Mattermost File Upload Path Traversal Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-7969 - Markdown-it XSS Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-8402 - Mattermost Server Denial of Service Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-9309 - Tenda MD5 Hash Handler Local Hard-Coded Credentials Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-9310 - YeQuifu CarRental Druid Hard-Coded Credentials Remote Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-9311 - iSourcecode Apartment Management System SQL Injection

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2024-45438 - SpamTitan Email Security Gateway Unauthenticated Account Creation Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-43755 - Liferay Portal Stored Cross-Site Scripting Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-43756 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS) Vulnerability

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-55521 - Akaunting Settings Localisation Denial of Service (DoS)

Thu, 21 Aug 2025 17:15:00 GMT

CVE-2025-55743 - UnoPim Laravel File Upload Validation Bypass

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-55744 - UnoPim Laravel CSRF Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-57753 - Vite-Plugin-Static-Copy Unauthorized File Access Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-9162 - Keycloak KeycloakRealmImport Environment Variable Injection Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-9306 - SourceCodester Advanced School Management System Cross-Site Scripting Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-9307 - PHPGurukul Online Course Registration SQL Injection Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-9308 - Yarn SetOptions Regular Expression Inefficient Complexity Vulnerability

Thu, 21 Aug 2025 16:15:00 GMT

CVE-2025-48956 - Apache vLLM HTTP Header DoS Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-50860 - Easy Hosting Control Panel SQL Injection

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-52194 - Libsndfile IRCAM Audio File Buffer Overflow Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-53251 - An-Themes Pin WP RCE File Upload Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-55297 - Espressif ESP-IDF BluFi Wi-Fi Credential Handling and Diffie-Hellman Key Exchange Memory Overflow Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-55371 - jshERP Insecure Direct Object Reference (IDOR)

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-55383 - Moss File Upload Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-9303 - TOTOLINK A720R Buffer Overflow in setParentalRules

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-9304 - SourceCodester Online Bank Management System SQL Injection Vulnerability

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-9305 - SourceCodester Online Bank Management System SQL Injection

Thu, 21 Aug 2025 15:15:00 GMT

CVE-2025-34158 - Plex Media Server Remote Code Execution Vulnerability

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-51818 - MCCMS PHP Code Injection

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-55366 - jshERP Unauthenticated User Password Reset and Privilege Escalation

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-55367 - jshERP Arbitrary Supplier Status Modification Vulnerability

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-55368 - jshERP Unauthenticated Supplier Status Modification Vulnerability

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-55370 - jshERP SQL Injection

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-55564 - Tenda AC15 Denial of Service (DoS) Stack Overflow

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-9301 - CMake Local Assertion Vulnerability

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-9302 - PHPGurukul User Management System SQL Injection

Thu, 21 Aug 2025 14:15:00 GMT

CVE-2025-47184 - Exagid EX10 XXE Injection Vulnerability

Thu, 21 Aug 2025 13:15:00 GMT

CVE-2025-9297 - Tenda i22 Remote Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 13:15:00 GMT

CVE-2025-9298 - Tenda M3 Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 13:15:00 GMT

CVE-2025-9299 - Tenda M3 Stack-Based Buffer Overflow Vulnerability

Thu, 21 Aug 2025 13:15:00 GMT

CVE-2025-9300 - Saitoha Libsixel Local Stack-Based Buffer Overflow

Thu, 21 Aug 2025 13:15:00 GMT

CVE-2025-9296 - Emlog Pro Unrestricted File Upload Vulnerability

Thu, 21 Aug 2025 12:15:00 GMT

CVE-2025-8064 - WordPress Bible SuperSearch Stored Cross-Site Scripting Vulnerability

Thu, 21 Aug 2025 10:15:00 GMT

CVE-2025-47700 - Mattermost Server Open Redirect

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-47870 - Mattermost Team Invite ID Disclosure

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-49222 - Mattermost File Type Validation Bypass

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-49810 - Mattermost Information Disclosure

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-53971 - Mattermost Authorization Bypass Vulnerability

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-8023 - Mattermost Path Traversal Vulnerability

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-8895 - WordPress Webhooks Plugin Unauthenticated Arbitrary File Copy Vulnerability

Thu, 21 Aug 2025 08:15:00 GMT

CVE-2025-36530 - Mattermost Plugin Path Traversal Vulnerability

Thu, 21 Aug 2025 07:15:00 GMT

CVE-2025-7221 - GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Payment Status Modification Vulnerability

Thu, 21 Aug 2025 06:15:00 GMT

CVE-2025-7390 - OPC.HTTPS Client Certificate Trust Bypass

Thu, 21 Aug 2025 06:15:00 GMT

CVE-2025-8592 - WordPress Inspiro CSRF Plugin Installation

Thu, 21 Aug 2025 06:15:00 GMT

CVE-2025-8607 - FunnelKit SlingBlocks Stored Cross-Site Scripting Vulnerability

Thu, 21 Aug 2025 06:15:00 GMT

CVE-2025-53504 - Group-Office Cross-Site Scripting Vulnerability

Thu, 21 Aug 2025 05:15:00 GMT

CVE-2025-53505 - Group-Office Path Traversal Vulnerability

Thu, 21 Aug 2025 05:15:00 GMT

CVE-2025-57829 - Apache HTTP Server Command Injection

Thu, 21 Aug 2025 04:16:00 GMT

CVE-2025-57830 - Apache HTTP Server Authentication Bypass

Thu, 21 Aug 2025 04:16:00 GMT

CVE-2025-57831 - Apache HTTP Server Unknown Method Response

Thu, 21 Aug 2025 04:16:00 GMT

CVE-2025-57832 - Apache HTTP Server Unvalidated User Input

Thu, 21 Aug 2025 04:16:00 GMT

CVE-2025-57824 - Apache Struts Deserialization Vulnerability

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-57825 - Cisco WebEx Meeting Center Cross-Site Request Forgery

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-57826 - Apache HTTP Server Cross-Site Request Forgery

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-57827 - Apache HTTP Server Authentication Bypass

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-57828 - Apache HTTP Server Unsecured Configuration

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-48355 - ProveSource Social Proof Information Exposure Vulnerability

Thu, 21 Aug 2025 04:15:00 GMT

CVE-2025-48978 - Ubiquiti Networks EdgeMAX EdgeSwitch Command Injection Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-24285 - UniFi Connect EV Station Lite Command Injection Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-27213 - Ubiquiti UniFi Connect Improper Access Control Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-27214 - UniFi Connect EV Station Pro Authentication Bypass

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-27215 - Ubiquiti UniFi Connect Display Cast Insufficient Authentication Access Control Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-27216 - UISP Privilege Escalation Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-27217 - UISP Server-Side Request Forgery Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-43300 - Apple macOS and iPadOS Out-of-Bounds Write Vulnerability

Thu, 21 Aug 2025 01:15:00 GMT

CVE-2025-9264 - Xuxueli XXL-Job ID Resource Manipulation Remote Code Execution Vulnerability

Thu, 21 Aug 2025 00:15:00 GMT

Data breach at Auchan

Thu Aug 21 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-9253 - Linksys Router Stack-Based Buffer Overflow

Wed, 20 Aug 2025 23:15:00 GMT

CVE-2025-9262 - Wong2 mcp-cli OAuth Handler Remote OS Command Injection Vulnerability

Wed, 20 Aug 2025 23:15:00 GMT

CVE-2025-9263 - Xuxueli XXL-Job Remote Resource Identifier Manipulation Vulnerability

Wed, 20 Aug 2025 23:15:00 GMT

CVE-2025-9288 - Sha.js Input Validation Vulnerability

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2025-9252 - Linksys RE6000 Series Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2025-9287 - Cipher-Base Cryptographic Input Data Manipulation Vulnerability

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2025-57749 - n8n Symlink Traversal Vulnerability

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2025-9250 - Linksys RE Series Stack-Based Buffer Overflow

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2025-9251 - Linksys Router Sta WPS Pin Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 22:15:00 GMT

CVE-2024-57155 - Radar Authentication Bypass Vulnerability

Wed, 20 Aug 2025 21:15:00 GMT

CVE-2025-9247 - Linksys Router Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 21:15:00 GMT

CVE-2025-9248 - Linksys RE Series Remote Stack-Based Buffer Overflow

Wed, 20 Aug 2025 21:15:00 GMT

CVE-2025-9249 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 21:15:00 GMT

CVE-2025-9244 - Linksys Router AddStaticRoute Command Injection Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-9245 - Linksys WPSSTAPINEnr Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-9246 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2024-57154 - Dts-Shop Authentication Bypass

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-43757 - Liferay Portal Reflected Cross-Site Scripting (XSS) Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-50902 - Old-Peanut Wechat Applet CSRF Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-54988 - Apache Tika XXE Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-5115 - Jetty HTTP/2 Client Resource Exhaustion Denial of Service

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-9241 - Elunez Eladmin CSV Injection Vulnerability

Wed, 20 Aug 2025 20:15:00 GMT

CVE-2025-43746 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Wed, 20 Aug 2025 19:15:00 GMT

CVE-2025-9240 - Elunez Eladmin Information Disclosure Vulnerability

Wed, 20 Aug 2025 19:15:00 GMT

CVE-2024-57152 - My-Site Unauthenticated Access Control Vulnerability

Wed, 20 Aug 2025 19:15:00 GMT

CVE-2025-9237 - CodeAstro Ecommerce Website Cross Site Scripting

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-9238 - Swatadru Exam-Seating-Arrangement SQL Injection Vulnerability

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-9239 - Elunez Eladmin DES Key Handler Weak Encryption Strength Vulnerability

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2024-53495 - Apache Struts Unauthenticated Access Control Bypass

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-47054 - Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-55746 - Directus Unauthenticated File Upload and Modification Vulnerability

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-9236 - Portabilis i-Diario SQL Injection Vulnerability

Wed, 20 Aug 2025 18:15:00 GMT

CVE-2025-9234 - Scada-LTS Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-9235 - Scada-LTS Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-8415 - Cryostat Information Disclosure

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-8610 - AOMEI Cyber Backup Remote Code Execution Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-8611 - AOMEI Cyber Backup Remote Code Execution (RCE) Missing Authentication

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-8612 - AOMEI Backupper Workstation Local Privilege Escalation (LPE)

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46998 - Adobe Experience Manager Stored XSS Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-50901 - JeeWMS Authentication Bypass Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-50904 - WinterChenS my-site Authentication Bypass

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-55444 - Online Artwork Fine Arts MCA Project SQL Injection Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-6180 - StrongDM Client Authentication Token Interception Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-6181 - StrongDM Windows Privilege Escalation Remote Code Execution

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-6182 - StrongDM Windows Certificate Management Privilege Escalation Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-6183 - StrongDM macOS Client JSON Injection Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-8309 - ManageEngine Asset Explorer Privilege Escalation Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46932 - Adobe Experience Manager Stored Cross-Site Scripting (XSS) Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46936 - Adobe Experience Manager Stored XSS Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46962 - Adobe Experience Manager Stored Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-20131 - Cisco ISE GUI File Upload Vulnerability (Arbitrary File Upload)

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-20269 - Cisco EPNM and Prime Infrastructure HTTP Request Validation Bypass Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-20345 - Cisco Duo Authentication Proxy Sensitive Information Disclosure Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-28041 - itranswarp Unauthenticated Access Control Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46849 - Adobe Experience Manager Stored XSS

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46852 - Adobe Experience Manager Stored Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2025-46856 - Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)

Wed, 20 Aug 2025 17:15:00 GMT

CVE-2009-10005 - ContentKeeper Web Appliance File Inclusion Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-10014 - Odin Secure FTP Directory Listing Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-20042 - Xion Audio Player SEH Overwrite Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-20045 - FileWrangler FTP Server Buffer Overflow

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-20049 - LeapFTP FTP Client Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-20059 - FreeNAS Unauthenticated Command Execution Backdoor

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2010-20103 - ProFTPD Backdoor Command Injection Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10020 - Kaillera Server UDP Packet Handling Denial-of-Service Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10021 - Magix Musik Maker Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10022 - SPlayer HTTP Response Handler Stack-Based Buffer Overflow

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10023 - MJM QuickPlayer Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10024 - MJM Core Player Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10025 - Subtitle Processor Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10026 - Spreecommerce Remote Command Execution Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10027 - AOL Desktop Buffer Overflow Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10028 - RealNetworks RealArcade ActiveX Exec Arbitrary Command Execution

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10029 - Solar FTP Server Format String Denial of Service

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2011-10030 - Foxit PDF Reader File Write Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2012-10061 - Sockso Music Host Server Path Traversal Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2024-57157 - Jantent Authentication Bypass Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2025-55731 - Frappe SQL Injection Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2025-55732 - Frappe SQL Injection Bypass

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2025-55751 - OpenBoardLite Redirect URL Forgery (Phishing/Credentials Theft)

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2025-9233 - Scada-LTS Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 16:15:00 GMT

CVE-2025-55498 - Tenda AC6 Buffer Overflow

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2024-57491 - Jobx Authentication Bypass

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-1139 - IBM Edge Application Manager Privilege Escalation Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-1142 - IBM Edge Application Manager SSRF Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-36114 - IBM QRadar SOAR Plugin App Directory Traversal Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-43748 - Liferay Portal Cross-Site Request Forgery (CSRF)

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-50864 - Elysia-Cors Origin Validation Bypass Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-51990 - XWiki Cross-Site Scripting (XSS) Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-51991 - XWiki Server-Side Template Injection Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-55482 - Tenda AC6 Buffer Overflow Vulnerability

Wed, 20 Aug 2025 15:15:00 GMT

CVE-2025-30256 - Tenda AC6 HTTP Header Parsing Denial of Service

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-31355 - Tenda AC6 Firmware Signature Validation Code Execution Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-32010 - Tenda AC6 Cloud API Stack-Based Buffer Overflow Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-50503 - Touch Lebanon Mobile App Password Reset Bypass Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-54923 - Apache Service Remote Code Execution Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-54924 - Adobe Acrobat SSRF

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-54925 - Apache HTTP Server SSRF

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-54926 - Apache HTTP Server Remote Code Execution Path Traversal

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-54927 - Apache HTTP Server Path Traversal Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-55483 - Tenda AC6 Buffer Overflow Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-55499 - Tenda AC6 Buffer Overflow Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-55503 - Tenda AC6 Stack Overflow Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-8448 - BMC Software SMB Exposes Sensitive Credentials

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-8449 - Apache BMS Denial of Service

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-9074 - Docker Desktop Unauthenticated Engine API Access Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-24322 - Tenda AC6 Remote Code Execution Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-24496 - Tenda AC6 Information Disclosure

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-27129 - Tenda AC6 HTTP Authentication Bypass Code Execution Vulnerability

Wed, 20 Aug 2025 14:15:00 GMT

CVE-2025-43749 - Liferay Portal Unauthenticated File Upload Vulnerability

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-43750 - Liferay Portal Unvalidated File Upload Vulnerability

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-4437 - CRI-O Denial-of-Service Vulnerability

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-4877 - Libssh Out-of-Bounds Write Vulnerability

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-54172 - QuickCMS Stored XSS Vulnerability in sTitle Parameter

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-54174 - QuickCMS Cross-Site Request Forgery (CSRF) in Article Creation

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-54175 - QuickCMS Reflected XSS in Thumbnail Viewer sFileName Parameter

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-8453 - Apache root-level daemon Privilege Escalation Arbitrary Code Execution

Wed, 20 Aug 2025 13:15:00 GMT

CVE-2025-43741 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Wed, 20 Aug 2025 12:15:00 GMT

CVE-2025-43742 - Liferay Portal Reflected Cross-Site Scripting (XSS) Vulnerability

Wed, 20 Aug 2025 12:15:00 GMT

CVE-2025-7777 - Apache Mirror-Registry HTTP Host Header Injection Vulnerability

Wed, 20 Aug 2025 12:15:00 GMT

CVE-2025-8102 - Easy Digital Downloads WordPress CSRF

Wed, 20 Aug 2025 12:15:00 GMT

CVE-2025-9173 - Emlog Pro Unrestricted File Upload Vulnerability

Wed, 20 Aug 2025 11:15:00 GMT

CVE-2025-57727 - JetBrains IntelliJ IDEA Remote Reference Credentials Disclosure Vulnerability

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57728 - JetBrains IntelliJ IDEA Code With Me Guest File Disclosure

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57729 - JetBrains IntelliJ IDEA Plugin Startup Vulnerability

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57730 - JetBrains IntelliJ IDEA HTML Injection Vulnerability

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57731 - JetBrains YouTrack Stored XSS

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57732 - JetBrains TeamCity Directory Ownership Escalation

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57733 - JetBrains TeamCity SMTP Injection Vulnerability

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-57734 - JetBrains TeamCity AWS Credentials Exposed

Wed, 20 Aug 2025 10:15:00 GMT

CVE-2025-5260 - Pik Online Yazılım Çözümleri A.Ş. Pik Online SSRF Vulnerability

Wed, 20 Aug 2025 09:15:00 GMT

CVE-2025-5261 - Pik Online Authorization Bypass Through User-Controlled Key

Wed, 20 Aug 2025 09:15:00 GMT

CVE-2025-9228 - MiR Text Note Authorization Bypass

Wed, 20 Aug 2025 09:15:00 GMT

CVE-2025-9229 - MiR Error Handling Information Disclosure Vulnerability

Wed, 20 Aug 2025 09:15:00 GMT

CVE-2024-39954 - Apache EventMesh SSRF

Wed, 20 Aug 2025 09:15:00 GMT

CVE-2025-54677 - vcita Online Booking Scheduling Calendar for WordPress Unrestricted File Upload Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54713 - Magepeopleteam Taxi Booking Manager for WooCommerce Authentication Bypass

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54726 - Miguel Useche JS Archive List SQL Injection

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54735 - CubeWP Framework Privilege Escalation

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54750 - FunnelKit Funnel Builder PHP Remote File Inclusion Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-55715 - Themeisle Otter - Gutenberg Block Sensitive Data Information Disclosure

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-9225 - MiR Robots and MiR Fleet Stored Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54053 - Groundhogg Deserialization of Untrusted Data Object Injection

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54055 - Skygroup Druco Cross-site Scripting Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54056 - LambertGroup Responsive HTML5 Audio Player PRO With Playlist Cross-site Scripting

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54670 - Bobbingwide Oik Cross-site Scripting (XSS)

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54052 - Realtyna Realtyna Organic IDX CSRF Remote File Inclusion Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54031 - Schiocco Support Board PHP Remote File Inclusion Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54032 - WebCodingPlace Real Estate Manager Pro Cross-site Scripting

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54034 - Tribulant Software Newsletters PHP Remote File Inclusion Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54040 - Webba Booking Missing Authorization Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54044 - CreativeMedia Elite Video Player Cross-site Scripting Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54046 - QuanticaLabs Cost Calculator Cross-site Scripting Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54048 - miniOrange Custom API for WP SQL Injection

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54049 - miniOrange Custom API for WP Privilege Escalation Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54019 - Bearsthemes Alone Code Injection Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54021 - Mitchell Bennis Simple File List Path Traversal

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54025 - RelyWP Coupon Affiliates Missing Authorization Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54027 - Schiocco Support Board Cross-site Scripting

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-54028 - Saleswonder Team Tobias CF7 WOW Styler PHP Remote File Inclusion Vulnerability

Wed, 20 Aug 2025 08:15:00 GMT

CVE-2025-9202 - ColorMag WordPress Unauthorized Data Modification Vulnerability

Wed, 20 Aug 2025 07:15:00 GMT

CVE-2025-53522 - Movable Type Email Password Reset Vulnerability

Wed, 20 Aug 2025 05:15:00 GMT

CVE-2025-54551 - Synapse Mobility Web Parameter Privilege Escalation

Wed, 20 Aug 2025 05:15:00 GMT

CVE-2025-55706 - Movable Type Open Redirect

Wed, 20 Aug 2025 05:15:00 GMT

CVE-2025-8618 - WPC Smart Quick View for WooCommerce Stored Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 05:15:00 GMT

CVE-2025-57742 - Apache HTTP Server Unvalidated User Input

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57743 - Adobe Acrobat Out-of-bounds Read

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57744 - Apache HTTP Server Unvalidated User Input

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57745 - Cisco Router Unvalidated Input

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57746 - Microsoft Azure Active Directory Authentication Bypass

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57747 - Apache HTTP Server Unvalidated User Input

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57748 - Apache HTTP Server Local File Inclusion

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57788 - Commvault Unauthenticated API Execution Vulnerability

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57789 - Commvault Default Credential Exposure Vulnerability

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57790 - Commvault Path Traversal Remote Code Execution Vulnerability

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-57791 - Commvault Command Injection Vulnerability

Wed, 20 Aug 2025 04:16:00 GMT

CVE-2025-54363 - Microsoft Knack Regular Expression Denial of Service (ReDoS)

Wed, 20 Aug 2025 03:15:00 GMT

CVE-2025-54364 - Microsoft Knack Regular Expression Denial of Service (ReDoS)

Wed, 20 Aug 2025 03:15:00 GMT

CVE-2025-8141 - WordPress Contact Form 7 Plugin Arbitrary File Deletion Vulnerability

Wed, 20 Aug 2025 03:15:00 GMT

CVE-2025-8145 - Contact Form 7 PHP Object Injection and RCE Vulnerability

Wed, 20 Aug 2025 03:15:00 GMT

CVE-2025-8289 - WordPress Redirection for Contact Form 7 PHP Object Injection Vulnerability

8. This vulnerability also requires the 'Redirection For Contact Form 7 Extension - Create Post' extension to be installed and activated in order to be exploited. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions such as deleting arbitrary files, retrieving sensitive data, or executing code, depending on the POP chain present. We confirmed there is a usable gadget in the Contact Form 7 plugin that makes arbitrary file deletion possible when installed with this plugin. Given that Contact Form 7 is a requirement of this plugin, it is likely that any site with this plugin and the 'Redirection For Contact Form 7 Extension - Create Post' extension enabled is vulnerable to arbitrary file deletion.

Severity: 7.5 | HIGH

Wed, 20 Aug 2025 03:15:00 GMT

CVE-2024-12223 - Palo Alto Networks Prism Central Stored Cross-Site Scripting Vulnerability

Wed, 20 Aug 2025 01:15:00 GMT

CVE-2025-9132 - Google Chrome V8 Out-of-Bounds Heap Corruption Vulnerability

Wed, 20 Aug 2025 01:15:00 GMT

CVE-2025-9176 - Neurobin shc OS Command Injection Vulnerability

Wed, 20 Aug 2025 00:15:00 GMT

CVE-2025-9193 - TOTVS Portal Meu RH Open Redirect Vulnerability

Wed, 20 Aug 2025 00:15:00 GMT

CVE-2025-9175 - Neurobin SHC Stack-Based Buffer Overflow

Tue, 19 Aug 2025 23:15:00 GMT

CVE-2025-9171 - SolidInvoice Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 23:15:00 GMT

CVE-2025-9174 - Neurobin Shc OS Command Injection Vulnerability

Tue, 19 Aug 2025 23:15:00 GMT

CVE-2025-9169 - SolidInvoice Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 22:15:00 GMT

CVE-2025-9170 - SolidInvoice Tax Rates Module Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 22:15:00 GMT

CVE-2025-9167 - SolidInvoice Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9168 - SolidInvoice Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9179 - "Firefox/Thunderbird GMP Memory Corruption Vulnerability"

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9180 - "Firefox/Thunderbird Same-Origin Policy Bypass in Graphics: Canvas2D"

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9181 - Mozilla Firefox JavaScript Engine Uninitialized Memory Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9182 - "Firefox WebRender Denial-of-Service Vulnerability"

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9183 - Firefox Spoofing Address Bar Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9184 - Firefox/Thunderbird Memory Corruption Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9185 - Mozilla Firefox/Thunderbird Memory Corruption Vulnerabilities

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9186 - Firefox Focus for Android URL Spoofing Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9187 - Firefox Memory Corruption Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55032 - Focus for iOS MIME Type Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55033 - Focus for iOS JavaScript Injection Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-8041 - Firefox for Android URL Truncation Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-8042 - Firefox for Android Cross-Site Download Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-8364 - Mozilla Firefox Android URI Spoofing Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55030 - Firefox for iOS MIME Type Misinterpretation Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55031 - Firefox for iOS Bluetooth Hybrid Passkey Transport Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-54143 - Mozilla Firefox for iOS Cross-Site Download

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-54144 - "Firefox for iOS URL Scheme Clickjacking Vulnerability"

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-54145 - Firefox for iOS QR Scanner Code Injection Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55028 - Firefox for iOS JavaScript Alert Denial of Service

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-55029 - Firefox for iOS Script Injection Vulnerability

Tue, 19 Aug 2025 21:15:00 GMT

CVE-2025-9157 - Appneta Tcpreplay Use After Free Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-9165 - LibTIFF Memory Leak Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-2988 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Information Disclosure

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-43743 - Liferay Portal Information Disclosure

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-43744 - Liferay Portal Stored DOM-Based XSS Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-50926 - Easy Hosting Control Panel EHCP SQL Injection Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-51543 - Cicool Builder Password Reset Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-52337 - LogicData eCommerce Framework File Upload RCE

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-55737 - "FlaskBlog Comment Deletion Privilege Escalation Vulnerability"

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-55740 - Ngix-Defender Default Credentials Exposure Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-9155 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-9156 - iSourcecode Sports Management System SQL Injection

Tue, 19 Aug 2025 20:15:00 GMT

CVE-2025-33008 - IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-43737 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-43745 - Liferay Portal CSRF Attack

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-50891 - Adform Site Tracking Cross-Site Scripting (XSS)

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-52338 - LogicData eCommerce Framework Authentication Bypass

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55303 - Astro Image Optimization Endpoint Protocol-Relative URL Injection

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55306 - GenX FX Exposed API Keys and Authentication Tokens

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55733 - DeepChat Custom URL Handler Remote Code Execution Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55734 - FlaskBlog Unauthenticated Access to Sensitive Pages

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55735 - FlaskBlog Stored XSS Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55736 - FlaskBlog Role Elevation Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-9153 - iSourcecode Online Tour and Travel Management System File Upload Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-9154 - iSourcecode Online Tour and Travel Management System SQL Injection

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2024-44373 - AllSky Path Traversal Web Shell RCE

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-31988 - HCL Digital Experience Cross-Site Scripting (XSS) Vulnerability

Tue, 19 Aug 2025 19:15:00 GMT

CVE-2025-55153 - Apache HTTP Server XML Entity Injection

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-55294 - "Screenshot-Desktop Command Injection Vulnerability"

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-55295 - qBit Manage Path Traversal Vulnerability

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-8450 - Fortra FileCatalyst Unauthenticated File Upload Vulnerability

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-9149 - Wavlink Wireless.cgi Command Injection

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-9150 - Surbowl Dormitory-Management-Php SQL Injection

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-9151 - LiuYuYang01 ThriveX-Blog Remote Unauthorized Access Vulnerability

Tue, 19 Aug 2025 18:15:00 GMT

CVE-2025-54881 - Mermaid Sequence Diagram Label XSS

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-9147 - JasonClark GetSemantic Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-9148 - CodePhiliaX Chat2DB JDBC Connection Handler SQL Injection Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38605 - "Qualcomm ath12k Wi-Fi Kernel Panic Vulnerability"

ar could become NULL and that would trigger kernel panic. Since the caller ath12k_dp_tx() already has a valid ab pointer, pass it directly to avoid panic and unnecessary dereferencing.

PC points to "ath12k_dp_tx+0x228/0x988 [ath12k]"
LR points to "ath12k_dp_tx+0xc8/0x988 [ath12k]".

The Backtrace obtained is as follows:
ath12k_dp_tx+0x228/0x988 [ath12k]
ath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]
ieee80211_process_measurement_req+0x320/0x348 [mac80211]
ieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]
ieee80211_tx_dequeue+0xb14/0x1518 [mac80211]
ieee80211_tx_prepare_skb+0x224/0x254 [mac80211]
ieee80211_xmit+0xec/0x100 [mac80211]
__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]
ieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]
netdev_start_xmit+0x150/0x18c
dev_hard_start_xmit+0x74/0xc0

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38606 - Linux Kernel WiFi ath12k: Null Pointer Deref in Beacon Miss Handling

ar during beacon miss

During beacon miss handling, ath12k driver iterates over active virtual interfaces (vifs) and attempts to access the radio object (ar) via arvif->deflink->ar. However, after commit aa80f12f3bed ("wifi: ath12k: defer vdev creation for MLO"), arvif is linked to a radio only after vdev creation, typically when a channel is assigned or a scan is requested.

For P2P capable devices, a default P2P interface is created by wpa_supplicant along with regular station interfaces, these serve as dummy interfaces for P2P-capable stations, lack an associated netdev and initiate frequent scans to discover neighbor p2p devices. When a scan is initiated on such P2P vifs, driver selects destination radio (ar) based on scan frequency, creates a scan vdev, and attaches arvif to the radio. Once the scan completes or is aborted, the scan vdev is deleted, detaching arvif from the radio and leaving arvif->ar uninitialized.

While handling beacon miss for station interfaces, P2P interface is also encountered in the vif iteration and ath12k_mac_handle_beacon_miss_iter() tries to dereference the uninitialized arvif->deflink->ar.

Fix this by verifying that vdev is created for the arvif before accessing its ar during beacon miss handling and similar vif iterator callbacks.

==========================================================================
wlp6s0: detected beacon loss from AP (missed 7 beacons) - probing
KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
CPU: 5 UID: 0 PID: 0 Comm: swapper/5 Not tainted 6.16.0-rc1-wt-ath+ #2 PREEMPT(full)
RIP: 0010:ath12k_mac_handle_beacon_miss_iter+0xb5/0x1a0 [ath12k]
Call Trace:
__iterate_interfaces+0x11a/0x410 [mac80211]
ieee80211_iterate_active_interfaces_atomic+0x61/0x140 [mac80211]
ath12k_mac_handle_beacon_miss+0xa1/0xf0 [ath12k]
ath12k_roam_event+0x393/0x560 [ath12k]
ath12k_wmi_op_rx+0x1486/0x28c0 [ath12k]
ath12k_htc_process_trailer.isra.0+0x2fb/0x620 [ath12k]
ath12k_htc_rx_completion_handler+0x448/0x830 [ath12k]
ath12k_ce_recv_process_cb+0x549/0x9e0 [ath12k]
ath12k_ce_per_engine_service+0xbe/0xf0 [ath12k]
ath12k_pci_ce_workqueue+0x69/0x120 [ath12k]
process_one_work+0xe3a/0x1430

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.1.c5-00284.1-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38607 - Linux Kernel BPF Conditional Jump Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38608 - Linux Kernel ktls Uninitialized Data Corruption

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38609 - Linux Kernel Null Pointer Dereference in devfreq Governor

name Commit 96ffcdf239de ("PM / devfreq: Remove redundant governor_name from struct devfreq") removes governor_name and uses governor->name to replace it. But devfreq->governor may be NULL and directly using devfreq->governor->name may cause null pointer exception. Move the check of governor to before using governor->name.

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38610 - Linux Powercap DTPM CPU NULL Pointer Dereference

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38611 - Linux Kernel vmci Information Leak Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38612 - Linux Kernel Fbtft Framebuffer Memory Leak Vulnerability

pagerefs is not freed. Fix that by adding the cleanup function on the error path.

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38613 - Linux Kernel GPib Buffer Overflow

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38614 - Linux Kernel Eventpoll Recursive Depth Unlimited Link Formation Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38615 - "NTFS3 Linux Kernel Live Inode Eviction Vulnerability"

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-51506 - HRForecast Suite SmartLibrary SQL Injection Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-52478 - n8n Cross-Site Scripting (XSS) Vulnerability

= 1.98.2.

Severity: 8.7 | HIGH

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-54411 - Discourse Welcome Banner XSS Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-54880 - Mermaid Cross Site Scripting (XSS) Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38598 - AMDGPU Use-After-Free Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38599 - "TP-Link Wireless WiFi Out-Of-Boundary Access Vulnerability"

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38600 - "Qualcomm Atheros WiFi Off-By-One Array Indexing Vulnerability"

ssids[] and sreq->ssids[] arrays have MT7925_RNR_SCAN_MAX_BSSIDS elements so this >= needs to be > to prevent an out of bounds access.

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38601 - Qualcomm Atheros Wi-Fi ath11k: Page Fault due to Uninitialized Flag

initialized flag.

3) Second ath11k_hal_dump_srng_stats() call sees stale ->initialized flag and attempts to dump srng stats:

Last interrupt received for each group:
ath11k_pci 0000:01:00.0: group_id 0 66785ms before
ath11k_pci 0000:01:00.0: group_id 1 14485062ms before
ath11k_pci 0000:01:00.0: group_id 2 14485062ms before
ath11k_pci 0000:01:00.0: group_id 3 14485062ms before
ath11k_pci 0000:01:00.0: group_id 4 14780845ms before
ath11k_pci 0000:01:00.0: group_id 5 14780845ms before
ath11k_pci 0000:01:00.0: group_id 6 14485062ms before
ath11k_pci 0000:01:00.0: group_id 7 66814ms before
ath11k_pci 0000:01:00.0: group_id 8 68997ms before
ath11k_pci 0000:01:00.0: group_id 9 67588ms before
ath11k_pci 0000:01:00.0: group_id 10 69511ms before
BUG: unable to handle page fault for address: ffffa007404eb010
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0
Oops: 0000 [#1] PREEMPT SMP NOPTI
RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]
Call Trace:
? __die_body+0xae/0xb0
? page_fault_oops+0x381/0x3e0
? exc_page_fault+0x69/0xa0
? asm_exc_page_fault+0x22/0x30
? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]
ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]
worker_thread+0x389/0x930
kthread+0x149/0x170

Clear per-list ->initialized flag in ath11k_hal_srng_deinit().

Severity: 0.0 | NA

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38602 - "iwlwifi NULL Pointer Dereference Vulnerability"

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38603 - AMDGPU Slab-Use-After-Free Vulnerability

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-38604 - "RTL8187: Null Pointer Dereference in Wireless Driver"

Tue, 19 Aug 2025 17:15:00 GMT

CVE-2025-43738 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-50434 - Appian Enterprise Business Process Management Remote Code Execution

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-50938 - Hustoj XSS

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-51539 - EzGED3 PHP File Read Vulnerability

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-51540 - EzGED3 Password Hashing Weakness (Insecure Hashing Scheme)

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-8782 - Apache Apache HTTP Server Remote Code Execution

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-9145 - Scada-LTS SVG File Handler Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-9146 - Linksys E5600 Remote Cryptographic Algorithm Manipulation Vulnerability

Tue, 19 Aug 2025 16:15:00 GMT

CVE-2025-50579 - Nginx Proxy Manager Cross-Origin Resource Sharing (CORS) Misconfiguration

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-50897 - Riscv-Boom SonicBOOM MMU Write Permission Fault

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-51487 - MoonShine Stored XSS

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-51488 - MoonShine Stored Cross-Site Scripting (XSS)

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-51489 - MoonShine File Upload Code Execution Vulnerability

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-51510 - MoonShine SQL Injection

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-51529 - Jonkastonka Cookies and Content Security Policy AJAX Denial of Service

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-9143 - Scada-LTS Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-9144 - Scada-LTS Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 15:15:00 GMT

CVE-2025-43739 - Liferay Portal: Email Spoofing Vulnerability

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-4044 - Lexmark XML XXE Disclosure

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-4046 - Lexmark Cloud Services Badge Management Authorization Bypass

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-4690 - AngularJS Linky Filter Regular Expression Denial of Service (ReDoS)

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-50461 - Volcengine Verl Deserialization Code Execution Vulnerability

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-50567 - Saurus CMS SQL Injection

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-54336 - Plesk Obsidian Authentication Bypass Vulnerability

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-9140 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection Vulnerability

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2024-45062 - OpenPrinting ippusbxd Stack Based Buffer Overflow Vulnerability

Tue, 19 Aug 2025 14:15:00 GMT

CVE-2025-43740 - Liferay Portal Stored Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 13:15:00 GMT

CVE-2025-9137 - Scada-LTS Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 13:15:00 GMT

CVE-2025-9138 - Scada-LTS Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 13:15:00 GMT

CVE-2025-9139 - Scada-LTS Remote Information Disclosure Vulnerability

Tue, 19 Aug 2025 13:15:00 GMT

CVE-2025-9136 - RetroArch Out-of-Bounds Read Vulnerability

Tue, 19 Aug 2025 12:15:00 GMT

CVE-2025-9134 - "AfterShip Package Tracker App Android Component Export Vulnerability"

Tue, 19 Aug 2025 11:15:00 GMT

CVE-2025-9135 - Verkehrsauskunft Österreich SmartRide Android Application Component Export

Tue, 19 Aug 2025 11:15:00 GMT

CVE-2025-8783 - WordPress Contact Manager Stored Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 11:15:00 GMT

CVE-2025-41685 - Sunny Portal Username Disclosure

Tue, 19 Aug 2025 09:15:00 GMT

CVE-2025-41689 - Cisco IoT Device Authentication Bypass Vulnerability

Tue, 19 Aug 2025 09:15:00 GMT

CVE-2025-8567 - Nexter Blocks WordPress Stored Cross-Site Scripting Vulnerability

Tue, 19 Aug 2025 09:15:00 GMT

CVE-2025-7654 - FunnelKit Sensitive Information Exposure Vulnerability

Tue, 19 Aug 2025 08:15:00 GMT

CVE-2025-7670 - WordPress JS Archive List SQL Injection Vulnerability

Tue, 19 Aug 2025 08:15:00 GMT

CVE-2025-8622 - WordPress Flexible Map Stored Cross-Site Scripting

Tue, 19 Aug 2025 08:15:00 GMT

CVE-2025-8723 - Cloudflare WordPress Image Resizing Plugin Remote Code Execution

Tue, 19 Aug 2025 08:15:00 GMT

CVE-2025-8218 - WordPress Properties Directory Theme Role Escalation Vulnerability

Tue, 19 Aug 2025 07:15:00 GMT

CVE-2025-6758 - WordPress Properties Directory Theme Privilege Escalation

Tue, 19 Aug 2025 07:15:00 GMT

CVE-2025-38553 - Linux Kernel Netem Qdisc Tree Duplication Vulnerability

Tue, 19 Aug 2025 06:15:00 GMT

CVE-2025-5417 - Red Hat Developer Hub Improper Access Control Vulnerability

Tue, 19 Aug 2025 05:15:00 GMT

CVE-2025-8357 - WordPress Media Library Assistant Unauthenticated File Deletion Vulnerability

Tue, 19 Aug 2025 05:15:00 GMT

CVE-2025-7496 - WPC Smart Compare for WooCommerce Stored Cross-Site Scripting (XSS)

Tue, 19 Aug 2025 04:15:00 GMT

CVE-2025-57722 - Fortinet SSL/TLS Weak Key Generation

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57724 - Apache HTTP Server Denial of Service

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57725 - Apache HTTP Server Information Disclosure

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57718 - Apache HTTP Server SSRF

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57719 - Apache HTTP Server Unvalidated User Input

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57720 - Apache HTTP Server Unvalidated User Input

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57721 - Apache HTTP Server Authentication Bypass

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-57717 - Apache HTTP Server Unvalidated User Input

Tue, 19 Aug 2025 03:15:00 GMT

CVE-2025-54156 - Sante PACS Server Unencrypted Credential Exposure

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-54759 - Sante PACS Server Stored Cross-Site Scripting (XSS) Vulnerability

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-54862 - Sante PACS Server Stored Cross-Site Scripting (XSS)

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-46269 - Ashlar-Vellum Cobalt Heap-Based Buffer Overflow Vulnerability

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-52584 - Ashlar-Vellum Cobalt Heap-Based Buffer Overflow Vulnerability

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-53948 - Sante PACS Server Denial of Service (DoS)

Mon, 18 Aug 2025 22:15:00 GMT

CVE-2025-41392 - Ashlar-Vellum Cobalt Unvalidated AR File Parsing Vulnerability

Mon, 18 Aug 2025 21:15:00 GMT

CVE-2025-53705 - Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability

Mon, 18 Aug 2025 21:15:00 GMT

CVE-2025-9119 - Netis WF2419 Cross-Site Scripting Vulnerability in Wireless Settings Page

Mon, 18 Aug 2025 21:15:00 GMT

CVE-2025-8098 - Lenovo PC Manager Privilege Escalation Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55590 - TOTOLINK A3002R Command Injection Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55591 - TOTOLINK-A3002R Command Injection Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55587 - TOTOLINK A3002R Buffer Overflow DoS

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55588 - TOTOLINK A3002R Buffer Overflow Denial of Service

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55589 - TOTOLINK A3002R OS Command Injection Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55586 - TOTOLINK A3002R Buffer Overflow DoS

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-32992 - Thermo Fisher Scientific ePort Authentication Bypass

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-4371 - Lenovo Web Camera Firmware Update Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-53192 - Apache Commons OGNL Arbitrary Code Execution Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55213 - OpenFGA Authorization Policy Enforcement Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55584 - TOTOLINK A3002R Telnet Service Insecure Credentials Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-55585 - TOTOLINK A3002R eval Injection Vulnerability

Mon, 18 Aug 2025 20:15:00 GMT

CVE-2025-43731 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

Mon, 18 Aug 2025 19:15:00 GMT

CVE-2025-55300 - Komari WebSocket Origin Bypass Remote Code Execution Vulnerability

Mon, 18 Aug 2025 18:15:00 GMT

CVE-2025-7693 - "Vulnerability in CIP Controller Malformed Packet Handling"

Mon, 18 Aug 2025 18:15:00 GMT

CVE-2025-55293 - Meshtastic PublicKey Overwrite Vulnerability

0) {', clearing the existing publicKey (and resetting the size to 0) for a known node. Then a new key bypasses 'if (info->user.public_key.size > 0) {', and this malicious key is stored in NodeDB. This vulnerability is fixed in 2.6.3.

Severity: 9.4 | CRITICAL

Mon, 18 Aug 2025 18:15:00 GMT

CVE-2025-55296 - LibreNMS Cross-Site Scripting (XSS) Vulnerability

Mon, 18 Aug 2025 18:15:00 GMT

CVE-2025-55299 - VaulTLS Empty Password Authentication Bypass

Mon, 18 Aug 2025 18:15:00 GMT

CVE-2025-55287 - Genealogy Family Tree Authenticated Stored Cross-Site Scripting

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55288 - Genealogy PHP Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55291 - Shaarli Reflected Cross-Site Scripting (XSS)

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-3639 - Liferay Portal Authentication Bypass

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-54234 - ColdFusion SSRF File System Read Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55201 - "Apache Airflow Copier Library and CLI App File Access Vulnerability"

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55205 - Capsule Kubernetes Namespace Label Injection Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55214 - Copier Path Traversal Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55282 - Aiven Db-Migrate Privilege Escalation Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-55283 - Aiven DB Migrate Privilege Escalation Vulnerability

Mon, 18 Aug 2025 17:15:00 GMT

CVE-2025-54117 - NamelessMC Cross-Site Scripting (XSS) Vulnerability

Mon, 18 Aug 2025 16:15:00 GMT

CVE-2025-54118 - NamelessMC Unauthenticated Sensitive Information Disclosure

Mon, 18 Aug 2025 16:15:00 GMT

CVE-2025-54421 - NamelessMC Cross-Site Scripting (XSS)

Mon, 18 Aug 2025 16:15:00 GMT

CVE-2025-27909 - IBM Concert Software CORS Privilege Escalation

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-33090 - IBM Concert Software Regular Expression Denial of Service

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-33100 - IBM Concert Software Credentials Hardcoding Vulnerability

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-36120 - IBM Storage Virtualize SSH Privilege Escalation Vulnerability

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-43732 - Liferay Portal Liferay Roles Selector IDOR

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-4962 - Lunary API IDOR

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2024-49827 - IBM Concert Software Information Disclosure

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-1759 - IBM Concert Software Heap Information Disclosure Vulnerability

Mon, 18 Aug 2025 14:15:00 GMT

CVE-2025-43733 - Liferay Portal Cross-Site Scripting (XSS) Vulnerability

Mon, 18 Aug 2025 13:15:00 GMT

CVE-2025-41242 - Apache Tomcat and Eclipse Jetty Spring Framework MVC Path Traversal Vulnerability

Mon, 18 Aug 2025 09:15:00 GMT

CVE-2025-47206 - File Station Out-of-Bounds Write Vulnerability

Mon, 18 Aug 2025 09:15:00 GMT

CVE-2025-5296 - Apache Link Following Privilege Escalation

Mon, 18 Aug 2025 08:15:00 GMT

CVE-2025-57700 - DIAEnergie Stored Cross-site Scripting Vulnerability

Mon, 18 Aug 2025 07:15:00 GMT

CVE-2025-57701 - DIAEnergie Reflected Cross-site Scripting Vulnerability

Mon, 18 Aug 2025 07:15:00 GMT

CVE-2025-57702 - DIAEnergie Reflected Cross-site Scripting

Mon, 18 Aug 2025 07:15:00 GMT

CVE-2025-57703 - DIAEnergie Reflected Cross-site Scripting Vulnerability

Mon, 18 Aug 2025 07:15:00 GMT

CVE-2025-6625 - Cisco FTP Denial Of Service

Mon, 18 Aug 2025 07:15:00 GMT

CVE-2025-9108 - Apache Struts Cross-Site Scripting (XSS)

Mon, 18 Aug 2025 06:15:00 GMT

CVE-2025-9109 - Portabilis i-Diario Password Recovery Endpoint Remote Response Discrepancy Vulnerability

Mon, 18 Aug 2025 06:15:00 GMT

CVE-2025-9106 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 05:15:00 GMT

CVE-2025-9107 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 05:15:00 GMT

CVE-2025-9105 - Portabilis i-Diario Cross Site Scripting Vulnerability

Mon, 18 Aug 2025 04:15:00 GMT

CVE-2025-9103 - ZenCart CKEditor Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 04:15:00 GMT

CVE-2025-9104 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 04:15:00 GMT

CVE-2025-9102 - "11 Mail Media mail.com App Android Improper Component Export Vulnerability"

Mon, 18 Aug 2025 03:15:00 GMT

CVE-2025-9101 - Zhenfeng13 My-Blog Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 03:15:00 GMT

CVE-2025-9100 - Zhenfeng13 My-Blog Authentication Bypass Vulnerability

Mon, 18 Aug 2025 02:15:00 GMT

CVE-2025-31713 - F5 Networks Engineer Mode Command Injection Vulnerability

Mon, 18 Aug 2025 01:15:00 GMT

CVE-2025-31714 - Apache HTTP Server Local Privilege Escalation Vulnerability

Mon, 18 Aug 2025 01:15:00 GMT

CVE-2025-31715 - Vowifi Command Injection Vulnerability

Mon, 18 Aug 2025 01:15:00 GMT

CVE-2025-9098 - Elseplus File Recovery App Android Component Export Vulnerability

Mon, 18 Aug 2025 01:15:00 GMT

CVE-2025-9099 - Acrel Environmental Monitoring Cloud Platform Remote File Upload Vulnerability

Mon, 18 Aug 2025 01:15:00 GMT

CVE-2025-9097 - Euro Information CIC Banque et Compte en Ligne Android Improper Export of Application Components Vulnerability

Mon, 18 Aug 2025 00:15:00 GMT

CVE-2025-9096 - ExpressGateway Cross-Site Scripting Vulnerability

Mon, 18 Aug 2025 00:15:00 GMT

CVE-2025-7342 - Kubernetes Image Builder Default Credentials Vulnerability

Sun, 17 Aug 2025 23:15:00 GMT

CVE-2025-9094 - ThingsBoard Template Engine Remote Code Injection Vulnerability

Sun, 17 Aug 2025 23:15:00 GMT

CVE-2025-9095 - ExpressGateway Cross-Site Scripting Vulnerability

Sun, 17 Aug 2025 23:15:00 GMT

CVE-2025-9093 - BuzzFeed App Android Improper Component Export Vulnerability

Sun, 17 Aug 2025 22:15:00 GMT

CVE-2025-9090 - Tenda Telnet Service Command Injection

Sun, 17 Aug 2025 03:15:00 GMT

CVE-2025-9091 - Tenda AC20 Hard-Coded Credentials Vulnerability

Sun, 17 Aug 2025 03:15:00 GMT

CVE-2025-9089 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

Sun, 17 Aug 2025 00:15:00 GMT

CVE-2025-9088 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

Sat, 16 Aug 2025 23:15:00 GMT

CVE-2025-9087 - Tenda AC20 Stack-Based Buffer Overflow

Sat, 16 Aug 2025 23:15:00 GMT

CVE-2023-4515 - KSMBD SMB2 Command Size Validation Vulnerability

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-32249 - Samba Linux kernel Guest User Access Multichannel Vulnerability

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-3865 - KSMultiMediaBroadcaster Out-of-Bounds Read Vulnerability

NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, it will allow oversized smb2 write length. It will cause OOB read in smb2_write. Severity: 0.0 | NA

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-3866 - Samba ksmbd NULL Pointer Dereference

sess and work->tcon could be NULL. If the second request in the compound accesses work->sess or tcon, it causes a NULL pointer dereferencing error. Severity: 0.0 | NA

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-3867 - Kerberos SMB Out-of-Bounds Read Vulnerability

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-4130 - Kerberos SMBd Buffer Length Validation Overflow

NextEntryOffset of current smb2_ea_info. ksmbd needs to validate the buffer length before accessing the next ea. ksmbd should check the buffer length using buf_len, not the next variable. next is the start offset of the current ea, obtained from the previous ea. Severity: 0.0 | NA

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2023-32246 - Linux Kernel - Ksmbd RCU Callback Racy Unload Vulnerability

Sat, 16 Aug 2025 14:15:00 GMT

CVE-2025-8878 - ProfilePress WordPress Arbitrary Shortcode Execution Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-8143 - Soledad WordPress Stored Cross-Site Scripting

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38548 - Corsair CPro Buffer Overflow Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38549 - Linux efivarfs Memory Leak

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38550 - Linux Kernel IPv6 Multicast Delayed Put Reference Vulnerability

idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() returns. Severity: 0.0 | NA

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38551 - Virtio-Net Deadlock Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38552 - Linux Kernel MPTCP Subflow Creation Race Condition Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-8105 - Soledad Theme for WordPress Shortcode Execution Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-8142 - Soledad Theme for WordPress Local File Inclusion Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38544 - Linux Kernel rxrpc Call ID Preallocation Collision Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38545 - Cisco Linux Kernel Netdev Allocation Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38546 - Linux ATM Clip VCC Memory Leak

user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the socket is close()d, and then clip_push() frees clip_vcc. However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in atm_init_atmarp(), resulting in memory leak. Let's serialise two ioctl() by lock_sock() and check vcc->push() in atm_init_atmarp() to prevent memleak. Severity: 0.0 | NA

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38547 - Linux AXP717 ADC Channel Map Sentinel Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38542 - Linux Kernel Device Refcount Leak Vulnerability in Appletalk Net Driver

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38543 - Tegra DRM DMA API Misuse Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38541 - Qualcomm Atheros mt76 WiFi Null Pointer Dereference Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38539 - Linux kernel: Tracing Module Event Corruption

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38540 - Chicony Electronics HP 5MP Cameras HID Sensor Interface Exposé

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38532 - Linux libwx Rx Ring Descriptor Reset Vulnerability

do_reset() is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values from previous sessions. And only set the length to 0 in rx_desc[0] would result in building malformed SKBs. Fix it to ensure a clean slate after device reset. Severity: 0.0 | NA

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38533 - Linux Kernel DMA Use-After-Free Vulnerability in wx_rx_buffer

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38534 - Ceph Linux Kernel NETFS Request Offload Collection Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38535 - Linux Kernel Tegra XUSB Regulator Unbalanced Disable Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38536 - Airoha Linux Kernel Use-After-Free Vulnerability

name was being used after calling of_node_put(np), which releases the node and can lead to a use-after-free bug. Previously, of_node_put(np) was called unconditionally after of_find_device_by_node(np), which could result in a use-after-free if pdev is NULL. This patch moves of_node_put(np) after the error check to ensure the node is only released after both the error and success cases are handled appropriately, preventing potential resource issues. Severity: 0.0 | NA

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38537 - Linux Kernel: Net PHY LED Registration Vulnerability

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38538 - Linux Kernel DMAengine nbpfaxi Memory Corruption Vulnerability

chan[] array is allocated earlier in the nbpf_probe() function and it has "num_channels" elements. These three loops iterate one element farther than they should and corrupt memory. The changes to the second loop are more involved. In this case, we're copying data from the irqbuf[] array into the nbpf->chan[] array. If the data in irqbuf[i] is the error IRQ then we skip it, so the iterators are not in sync. I added a check to ensure that we don't go beyond the end of the irqbuf[] array. I'm pretty sure this can't happen, but it seemed harmless to add a check. On the other hand, after the loop has ended there is a check to ensure that the "chan" iterator is where we expect it to be. In the original code we went one element beyond the end of the array so the iterator wasn't in the correct place and it would always return -EINVAL. However, now it will always be in the correct place. I deleted the check since we know the result. Severity: 0.0 | NA

Sat, 16 Aug 2025 12:15:00 GMT

CVE-2025-38503 - Apache Linux Btrfs Free Space Tree Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38504 - Linux Kernel io_uring ZCRX Use After Free

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38505 - Mwifiex STA Interface Disassociation Frame Validation

bssid, sdata->vif.cfg.ap_addr)), ensuring only relevant frames are processed. Tested on: - 8997 with FW 16.68.1.p197 Severity: 0.0 | NA

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38506 - Oracle KVM CPU Soft Lockup Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38507 - Nintendo Bluetooth HID Stall and Panic Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38508 - SEV-SNP Linux Kernel Secure TSC Frequency Calculation Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38509 - Apache Linux WiFi Invalid Channel Width Notification Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38510 - Linux Kernel KASAN Deadlock Vulnerability

busy.lock) spin_lock_bh(&some_lock); spin_lock(&some_lock); kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area(). Severity: 0.0 | NA

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38511 - Linux Kernel Xe DRM Uninitialized Data Exposure Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38512 - Linux Wi-Fi A-MSDU Mesh Spoofing Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38513 - Linux Kernel wifi zd1211rw Null Pointer Dereference Vulnerability

ZD_MAC_MAX_ACK_WAITERS) { filter_ack() spin_lock_irqsave(&q->lock, flags); /* position == skb_queue_len(q) */ for (i=1; itype == NL80211_IFTYPE_AP) skb = __skb_dequeue(q); spin_unlock_irqrestore(&q->lock, flags); skb_dequeue() -> NULL Since there is a small gap between checking skb queue length and skb being unconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL. Then the pointer is passed to zd_mac_tx_status() where it is dereferenced. In order to avoid potential NULL pointer dereference due to situations like above, check if skb is not NULL before passing it to zd_mac_tx_status(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Severity: 0.0 | NA

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38514 - Linux Kernel rxrpc NULL Pointer Dereference Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38515 - AMD Xe DRM Linux Kernel Queue Stalling Race Condition

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38516 - QCOM MSM Linux Kernel GPIO Invalid Interrupt Request Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38517 - Linux Kernel Oracle alloc_tag: Semaphore Acquisition Vulnerability

mod_lock even when the alloc_tag_cttype is not allocated because: 1) alloc tagging is disabled because mem profiling is disabled (!alloc_tag_cttype) 2) alloc tagging is enabled, but not yet initialized (!alloc_tag_cttype) 3) alloc tagging is enabled, but failed initialization (!alloc_tag_cttype or IS_ERR(alloc_tag_cttype)) In all cases, alloc_tag_cttype is not allocated, and therefore alloc_tag_top_users() should not attempt to acquire the semaphore. This leads to a crash on memory allocation failure by attempting to acquire a non-existent semaphore. As David Wang points out, this issue became easier to trigger after commit 780138b12381 ("alloc_tag: check mem_profiling_support in alloc_tag_init"). Before the commit, the issue occurred only when it failed to allocate and initialize alloc_tag_cttype or if a memory allocation fails before alloc_tag_init() is called. After the commit, it can be easily triggered when memory profiling is compiled but disabled at boot. To properly determine whether alloc_tag_init() has been called and its data structures initialized, verify that alloc_tag_cttype is a valid pointer before acquiring the semaphore. If the variable is NULL or an error value, it has not been properly initialized. In such a case, just skip and do not attempt to acquire the semaphore. [harry.yoo@oracle.com: v3] Severity: 0.0 | NA

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38518 - AMD Cyan Skillfish CPUID Information Disclosure

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38519 - Linux Kernel Divide by Zero Vulnerability in damon_get_intervals_score()

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38520 - AMDGPU Linux Kernel Deadlock Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38521 - Imagination DRM GPU Runtime PM Callbacks Vulnerability

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-9092 - Bouncy Castle for Java - BC-FJA Uncontrolled Resource Consumption Denial of Service

Sat, 16 Aug 2025 11:15:00 GMT

CVE-2025-38502 - Linux Kernel BPF Cgroup Local Storage Out-of-Bounds Access

bpf_ctx, struct bpf_cg_run_ctx, run_ctx); storage = ctx->prog_item->cgroup_storage[stype]; if (stype == BPF_CGROUP_STORAGE_SHARED) ptr = &READ_ONCE(storage->buf)->data[0]; else ptr = this_cpu_ptr(storage->percpu_buf); For the second program which was called from the originally attached one, this means bpf_get_local_storage() will pick up the former program's map, not its own. With mismatching sizes, this can result in an unintended out-of-bounds access. To fix this issue, we need to extend bpf_map_owner with an array of storage_cookie[] to match on i) the exact maps from the original program if the second program was using bpf_get_local_storage(), or ii) allow the tail call combination if the second program was not using any of the cgroup local storage maps. Severity: 0.0 | NA

Sat, 16 Aug 2025 10:15:00 GMT

CVE-2025-8719 - WordPress gTranslate Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 09:15:00 GMT

CVE-2025-7499 - BetterDocs – Unauthorized Data Access Vulnerability

Sat, 16 Aug 2025 08:15:00 GMT

CVE-2025-8464 - WordPress Contact Form 7 Drag and Drop Multiple File Upload Directory Traversal Vulnerability

Sat, 16 Aug 2025 08:15:00 GMT

CVE-2025-8898 - WordPress E-cab Plugin Privilege Escalation Vulnerability

Sat, 16 Aug 2025 07:15:00 GMT

CVE-2025-8089 - WordPress Advanced iFrame Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 07:15:00 GMT

CVE-2025-8896 - WordPress User Profile Builder Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 07:15:00 GMT

CVE-2025-38501 - KSMBD Connection Flood Denial of Service Vulnerability

Sat, 16 Aug 2025 06:15:00 GMT

CVE-2025-8113 - Ebook Store WordPress Cross-Site Scripting (XSS)

Sat, 16 Aug 2025 06:15:00 GMT

CVE-2025-6221 - Bokun Embed WordPress Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7439 - Anber Elementor Addon WordPress Stored Cross-Site Scripting

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7440 - Anber Elementor Addon for WordPress Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7441 - StoryChief WordPress Arbitrary File Upload Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7649 - Surbma Recent Comments Shortcode Stored Cross-Site Scripting

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7651 - Earnware Connect Stored Cross-Site Scripting (XSS)

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7664 - WordPress AL Pack Origin Header Validation Bypass

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7668 - WordPress Linux Promotional Plugin CSRF Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7683 - WordPress LatestCheckins CSRF

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7684 - Last.fm Recent Album Artwork Plugin for WordPress CSRF Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-7686 - Weichuncai WP Pseudo Spring CSRF

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2025-8293 - WordPress Intl DateTime Calendar Plugin Stored Cross-Site Scripting Vulnerability

Sat, 16 Aug 2025 04:16:00 GMT

CVE-2024-12612 - Wordpress School Management System SQL Injection

Sat, 16 Aug 2025 04:15:00 GMT

CVE-2024-8393 - Woolook Woocommerce Blocks WordPress Local File Inclusion Vulnerability

Sat, 16 Aug 2025 04:15:00 GMT

CVE-2025-3671 - Wordpress Gym Management System - Local File Inclusion Vulnerability

Sat, 16 Aug 2025 04:15:00 GMT

CVE-2025-6079 - WordPress School Management System File Upload Vulnerability

Sat, 16 Aug 2025 04:15:00 GMT

CVE-2025-6080 - Wordpress Gym Management System Unauthenticated Admin Account Creation Vulnerability

Sat, 16 Aug 2025 04:15:00 GMT

CVE-2024-12575 - WordPress Poll Maker Basic Information Exposure

Sat, 16 Aug 2025 03:15:00 GMT

CVE-2025-49895 - PluginBuddy.Com ServerBuddy CSRF Object Injection Vulnerability

Sat, 16 Aug 2025 03:15:00 GMT

CVE-2025-55284 - Claude Code File Disclosure and Network Exfiltration

Sat, 16 Aug 2025 02:15:00 GMT

CVE-2025-55286 - Z2D MSAA Buffer Overflow Vulnerability

Sat, 16 Aug 2025 01:15:00 GMT

CVE-2017-20199 - Buttercup Buttercup-Browser-Extension Remote Improper Access Control Vulnerability

Sat, 16 Aug 2025 00:15:00 GMT

CVE-2025-52619 - HCL BigFix SaaS Authentication Service Sensitive Information Disclosure

Fri, 15 Aug 2025 23:15:00 GMT

CVE-2025-52620 - HCL BigFix XSS Vulnerability in Image Upload Functionality

Fri, 15 Aug 2025 23:15:00 GMT

CVE-2025-52621 - HCL BigFix SaaS Origin Header Cache Poisoning

Fri, 15 Aug 2025 23:15:00 GMT

CVE-2025-52618 - HCL BigFix SQL Injection

Fri, 15 Aug 2025 23:15:00 GMT

CVE-2025-43201 - Apple Music Classical Credential Disclosure

Fri, 15 Aug 2025 22:15:00 GMT

CVE-2025-44201 - Apache None-Severity

Fri, 15 Aug 2025 21:15:00 GMT

CVE-2025-8959 - HashiCorp Go-Getter Symlink Read Access Vulnerability

Fri, 15 Aug 2025 21:15:00 GMT

CVE-2025-36088 - IBM TS4500 Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 20:15:00 GMT

CVE-2025-43490 - HP Hotkey Support HPAAudioAnalytics Escalation of Privilege Vulnerability

Fri, 15 Aug 2025 19:15:00 GMT

CVE-2025-55285 - Backstage Plugin Scaffolder Backend Information Disclosure

Fri, 15 Aug 2025 18:15:00 GMT

CVE-2025-7961 - Wulkano KAP Code Injection Vulnerability

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8092 - Drupal COOKiES Consent Management Cross-Site Scripting

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8361 - Drupal Config Pages Missing Authorization Vulnerability

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8362 - Drupal GoogleTag Manager Cross-Site Scripting (XSS)

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8675 - Drupal AI SEO Link Advisor SSRF

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8995 - Drupal Authenticator Login Authentication Bypass

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-8996 - Drupal Layout Builder Advanced Permissions Missing Authorization

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-9060 - MSoft MFlash Remote Code Execution Vulnerability

Fri, 15 Aug 2025 17:15:00 GMT

CVE-2025-55207 - Astro Open Redirect Vulnerability

Fri, 15 Aug 2025 16:15:00 GMT

CVE-2025-8066 - Bunkerity Bunker Web Open Redirect Phishing

Fri, 15 Aug 2025 16:15:00 GMT

CVE-2025-49432 - FWDesign Ultimate Video Player Missing Authorization Vulnerability

Fri, 15 Aug 2025 16:15:00 GMT

CVE-2025-49897 - Gopiplus Vertical Scroll Slideshow Gallery SQL Injection

Fri, 15 Aug 2025 16:15:00 GMT

CVE-2025-49898 - Xolluteon Dropshix Cross-site Scripting (XSS)

Fri, 15 Aug 2025 16:15:00 GMT

CVE-2025-5047 - Autodesk AutoCAD Uninitialized Variable Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-5048 - Autodesk AutoCAD DGN File Memory Corruption Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-24975 - Firebird Database Segfault and Encryption Key Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-54466 - Apache OFBiz Scrum Plugin Code Injection Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-54989 - Firebird XDR Message Parsing Denial-of-Service

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-55203 - Plane Stored XSS Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-5046 - Autodesk AutoCAD Out-of-Bounds Read Vulnerability

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2024-12573 - Apache Web Server Authentication Bypass

Fri, 15 Aug 2025 15:15:00 GMT

CVE-2025-9052 - Projectworlds Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 13:15:00 GMT

CVE-2025-9053 - Projectworlds Travel Management System SQL Injection

Fri, 15 Aug 2025 13:15:00 GMT

CVE-2025-9050 - Projectworlds Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-9051 - Projectworlds Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-1929 - Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı SQL Injection Vulnerability

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-54473 - Joomla Phoca Commander Authenticated Remote Code Execution

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-54474 - DJ-Classifieds SQL Injection Vulnerability

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-54475 - Joomla JS Jobs Plugin SQL Injection Vulnerability

Fri, 15 Aug 2025 12:15:00 GMT

CVE-2025-26709 - ZTE F50 Web Module Unauthorized Access Vulnerability

Fri, 15 Aug 2025 11:15:00 GMT

CVE-2025-9028 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Fri, 15 Aug 2025 11:15:00 GMT

CVE-2025-9046 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

Fri, 15 Aug 2025 11:15:00 GMT

CVE-2025-9047 - Projectworlds Visitor Management System SQL Injection

Fri, 15 Aug 2025 11:15:00 GMT

CVE-2025-9026 - D-Link DIR-860L OS Command Injection Vulnerability

Fri, 15 Aug 2025 10:15:00 GMT

CVE-2025-9027 - Code-Projects Online Medicine Guide SQL Injection

Fri, 15 Aug 2025 10:15:00 GMT

CVE-2025-9023 - Tenda AC7/AC18 Buffer Overflow in formSetSchedLed

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-9024 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-9025 - Simple Cafe Ordering System SQL Injection Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7650 - WordPress BizCalendar Local File Inclusion Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7662 - WordPress Gestion de Tarifs SQL Injection

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7688 - WordPress Add User Meta CSRF

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7778 - WordPress Icons Factory Plugin Arbitrary File Deletion Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-8080 - WordPress Alobaidi Captcha Stored Cross-Site Scripting

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-8091 - WordPress EventON Lite Information Exposure Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-8720 - WordPress Plugin README Parser Stored Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-8905 - WordPress Inpersttion For Theme Remote Code Execution

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-5844 - WordPress Radius Blocks Stored Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7507 - WordPress elink Embed Content Plugin Malicious Redirect Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-7641 - NextGEN Gallery Directory Deletion Vulnerability

Fri, 15 Aug 2025 09:15:00 GMT

CVE-2025-8604 - WordPress Table Plugin - WP Table Builder Stored Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 08:15:00 GMT

CVE-2025-9020 - PX4 Mavlink Shell Use After Free Vulnerability

Fri, 15 Aug 2025 08:15:00 GMT

CVE-2025-9021 - SourceCodester Online Bank Management System SQL Injection

Fri, 15 Aug 2025 08:15:00 GMT

CVE-2025-9022 - SourceCodester Online Bank Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 08:15:00 GMT

CVE-2025-9019 - tcpreplay Heap-Based Buffer Overflow Vulnerability

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-6679 - Bit Form for WordPress Remote File Upload Vulnerability

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-8013 - Quttera Web Malware Scanner for WordPress SSRF

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-8451 - Elementor Essential Addons DOM-Based Stored Cross-Site Scripting (XSS)

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-9016 - Mechrevo Control Center GX Powershell Uncontrolled Search Path Vulnerability

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-9017 - PHPGurukul Zoo Management System Cross Site Scripting Vulnerability

Fri, 15 Aug 2025 07:15:00 GMT

CVE-2025-9013 - PHPGurukul Online Shopping Portal Project SQL Injection Vulnerability

Fri, 15 Aug 2025 06:15:00 GMT

CVE-2025-9012 - PHPGurukul Online Shopping Portal Project SQL Injection Vulnerability

Fri, 15 Aug 2025 06:15:00 GMT

CVE-2025-31961 - HCL Connections Broken Access Control Vulnerability

Fri, 15 Aug 2025 05:15:00 GMT

CVE-2025-9009 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 05:15:00 GMT

CVE-2025-9010 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 05:15:00 GMT

CVE-2025-9011 - PHPGurukul Online Shopping Portal Project SQL Injection

Fri, 15 Aug 2025 05:15:00 GMT

CVE-2025-9007 - Tenda CH22 Buffer Overflow Vulnerability

Fri, 15 Aug 2025 04:15:00 GMT

CVE-2025-9008 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Fri, 15 Aug 2025 04:15:00 GMT

CVE-2025-6025 - WooCommerce Order Tip Improper Input Validation Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-8342 - WooCommerce OTP Login With Phone Number Authentication Bypass Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-8676 - Gutenberg Slider Block for WP Sensitive Information Exposure

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-8680 - Gutenberg Slider Block for WP Server-Side Request Forgery Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-8867 - Graphina Elementor Charts and Graphs WordPress Stored Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9001 - LemonOS HTTP Client Stack-Based Buffer Overflow Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9002 - Surbowl Dormitory-Management-Php SQL Injection Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9003 - D-Link DIR-818LW DHCP Reserved Address Handler Cross-Site Scripting Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9004 - Mtons MBlog Authentication Bypass Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9005 - Mtons Mblogger Information Exposure Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-9006 - Tenda CH22 Buffer Overflow Vulnerability

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55719 - Apache HTTP Server SQL Injection

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55720 - Apache HTTP Server Unvalidated Request Parameter

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55721 - Apache HTTP Server Cross-Site Request Forgery

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55722 - Apache Struts Cross-Site Scripting (XSS)

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55723 - Apache HTTP Server Cross-Site Request Forgery

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55724 - Apache Struts Remote Code Execution

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55725 - Apache HTTP Server Command Injection

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55726 - Apache Server Cross-Site Request Forgery

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-55718 - Apache HTTP Server Unvalidated Request Parameter

Fri, 15 Aug 2025 03:15:00 GMT

CVE-2025-8992 - Mtons Mblog Cross-Site Request Forgery (CSRF)

Fri, 15 Aug 2025 02:15:00 GMT

CVE-2025-8993 - iSourcecode Online Tour and Travel Management System SQL Injection

Fri, 15 Aug 2025 02:15:00 GMT

CVE-2025-9000 - Mechrevo Control Center GX Path Traversal

Fri, 15 Aug 2025 02:15:00 GMT

CVE-2025-8990 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Fri, 15 Aug 2025 01:16:00 GMT

CVE-2025-8991 - Linlinjava Litemall Business Logic Handler Remote Code Execution Vulnerability

Fri, 15 Aug 2025 01:16:00 GMT

CVE-2025-8989 - SourceCodester COVID 19 Testing Management System SQL Injection

Fri, 15 Aug 2025 01:16:00 GMT

CVE-2025-31987 - HCL Connections Denial of Service

Thu, 14 Aug 2025 23:15:00 GMT

CVE-2025-8987 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 23:15:00 GMT

CVE-2025-8988 - SourceCodester COVID 19 Testing Management System SQL Injection

Thu, 14 Aug 2025 23:15:00 GMT

CVE-2025-8984 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 22:15:00 GMT

CVE-2025-8985 - SourceCodester COVID 19 Testing Management System SQL Injection

Thu, 14 Aug 2025 22:15:00 GMT

CVE-2025-8986 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 22:15:00 GMT

CVE-2025-8982 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 21:15:00 GMT

CVE-2025-8983 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 21:15:00 GMT

CVE-2025-50861 - Lotus Cars Android App Unauthenticated Access Vulnerability

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-50862 - Lotus Cars Android App Data Exfiltration Vulnerability

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-51965 - OURPHP Cross-Site Scripting (XSS) Vulnerability

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-8979 - Tenda AC15 Firmware Update Handler Authenticity Verification Vulnerability

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-8980 - Tenda Firmware Update Handler Insufficient Data Authenticity Remote Vulnerability

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-8981 - iSourcecode Online Tour and Travel Management System SQL Injection

Thu, 14 Aug 2025 20:15:00 GMT

CVE-2025-55711 - WordPress Table Builder Stored Cross-Site Scripting (XSS) Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55712 - POSIMYTH The Plus Addons for Elementor Page Builder Lite Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55713 - Blocksy Stored Cross-Site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55714 - Crocoblock JetElements For Elementor Cross-site Scripting (XSS)

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55716 - VeronaLabs WP Statistics Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-8975 - Givanz Vvveb Cross-Site Scripting Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-8976 - Givanz Vvveb Endpoint Cross-Site Scripting Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-8978 - D-Link DIR-619L Boa Authentication Bypass Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55708 - ExpressTech Systems Quiz And Survey Master SQL Injection

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55709 - Visual Composer Website Builder Stored Cross-site Scripting Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-55710 - TaxoPress Information Disclosure

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54736 - NordicMade Savoy Information Exposure

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54739 - Nexter Blocks Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54740 - Michael Nelson Print My Blog Stored Cross-site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54746 - Cartpauj Shortcode Redirect Cross-site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54747 - WordPress Templatera Cross-Site Scripting (XSS)

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54749 - Crocoblock JetProductGallery Cross-site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54730 - PARETO Digital Embedder for Google Reviews Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54732 - Shahjada WPDM Premium Packages CSRF Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54712 - Hashthemes Easy Elementor Addons Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54715 - UKR Solution Barcode Scanner with Inventory Order Manager Path Traversal

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54717 - e-Plugins WP Membership Missing Authorization Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54727 - CreativeMindsSolutions CM On Demand Search And Replace Stored Cross-site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54728 - CreativeMindsSolutions CM On Demand Search And Replace CSRF Vulnerability

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2025-54729 - Webba Booking Cross-site Scripting

Thu, 14 Aug 2025 19:15:00 GMT

CVE-2023-43687 - Malwarebytes Race Condition Code Execution Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2024-37945 - Elementor Page Builder WPBITS Addons Stored Cross-site Scripting (XSS)

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-21110 - Dell Data Lakehouse Privilege Escalation Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-51986 - FreeMODBUS Demo/LINUXTCP Infinite Loop Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-52335 - EyouCMS Cross Site Scripting (XSS)

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-8972 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-8973 - SourceCodester Cashier Queuing System SQL Injection Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-8974 - Litemall JSON Web Token Handler Remote Hard-Coded Credentials Vulnerability

Thu, 14 Aug 2025 18:15:00 GMT

CVE-2025-20254 - Cisco Secure Firewall ASA/FTD IKEv2 Packet Parsing Denial of Service

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20263 - Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20265 - Cisco Secure Firewall Management Center RADIUS Command Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20268 - Cisco Secure Firewall Threat Defense (FTD) Geolocation-Based Remote Access VPN HTTP Bypass Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20301 - Cisco Secure FMC Software Domain Traverse Authorization Bypass

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20302 - Cisco Secure FMC Domain Report Access Bypass

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20306 - Cisco Secure Firewall Management Center FMC Remote Command Execution Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-50515 - Empirebak Phome Code Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-50817 - Python-Future Arbitrary Code Execution Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-55192 - Tapo-Control GitHub Actions Code Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-55195 - Deno Standard Library Prototype Pollution

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-8968 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-8969 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-8970 - iSourcecode Online Tour and Travel Management System SQL Injection

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-8971 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-9039 - Amazon ECS Agent Cross-Site Access Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-9043 - Seagate Toolkit Unquoted Search Path Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20237 - Cisco Secure Firewall Adaptive Security Appliance and FTD Software Command Injection

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20238 - Cisco Secure Firewall ASA/FTD Command Injection Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20239 - Cisco IKEv2 Memory Leak Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20243 - Cisco Secure Firewall ASA/FTD Unauthenticated Remote DoS Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20244 - Cisco Secure Firewall Adaptive Security Appliance/Threat Defense SSL VPN HTTP Header Field Denial of Service (DoS) Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20251 - Cisco Secure Firewall ASA/FTD Remote File Creation and Deletion Vulnerability (Authentication Bypass)

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20252 - Cisco Secure Firewall Adaptive Security Appliance IKEv2 Memory Leak Denial of Service

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2025-20253 - Cisco IKEv2 DoS Vulnerability

Thu, 14 Aug 2025 17:15:00 GMT

CVE-2023-43694 - Malwarebytes Out-Of-Bounds Read Denial Of Service

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-33142 - IBM WebSphere Application Server TLS Weak Security

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-36047 - IBM WebSphere Application Server Liberty Denial of Service

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-50518 - Libcoap Use-After-Free Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-53631 - FlaskBlog Flask XSS Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-54389 - AIDE Terminal Escape Sequence Injection Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-54409 - AIDE Null Pointer Dereference Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-54867 - Youki Container Runtime RootFS Escalation

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-8965 - Litemall Unrestricted File Upload Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-8966 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-8967 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 16:15:00 GMT

CVE-2025-36612 - Dell SupportAssist Incorrect Privilege Assignment Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-36613 - Dell SupportAssist Incorrect Privilege Assignment Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-38738 - Dell SupportAssist Incorrect Privilege Assignment

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-38745 - Dell OpenManage Enterprise Log Insertion Information Exposure

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-40758 - Mendix SAML Authentication Hijacking Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-43983 - KuWFi CPF908-CP5 WEB LCD Device Authentication Bypass and Command Injection

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-7971 - Rockwell Automation Studio 5000 Logix Designer Environment Variable Injection Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-7972 - Rockwell Automation FactoryTalk Linx Network Browser Node Validation Bypass

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-8875 - N-able N-central Deserialization of Untrusted Data Remote Code Execution Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-8876 - N-able N-central OS Command Injection

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-8962 - Hostel Management System Stack-Based Buffer Overflow Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-8964 - Code-Projects Hostel Management System Local Authentication Bypass

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-9041 - Schneider Electric 5094-IF8 CIP Class 32 Inhibition Module Fault Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-9042 - Schneider Electric 5094-IY8 CIP Class 32 Module Inhibition Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-26484 - Dell CloudLink XML External Entity Reference Denial of Service Vulnerability

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-27845 - ESPEC North America Web Controller Authentication Bypass

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-27846 - ESPEC North America Web Controller Bootloader Privilege Escalation

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2025-27847 - ESPEC North America Web Controller Authentication Privilege Escalation

Thu, 14 Aug 2025 15:15:00 GMT

CVE-2024-53945 - KuWFi 4G AC900 LTE Router Command Injection Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2024-53946 - KuWFi 4G LTE AC900 Router CSRF Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-36581 - Dell PowerEdge AMD BIOS Buffer Access Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-43984 - KuWFi GC111 Command Injection Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-55672 - Apache Superset Stored Cross-Site Scripting (XSS) Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-55673 - Apache Superset Database Schema Disclosure

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-55674 - Apache Superset SQL Function Bypass Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-55675 - Apache Superset Unauthenticated Datasource Enumeration

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-7353 - Rockwell Automation ControlLogix Ethernet Modules Remote Code Execution Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-7773 - Fortinet 5032 Web Server Predictable Session ID

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-7774 - Fortinet 5032 Session Credential Exposure Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-7973 - Allen-Bradley FactoryTalk ViewPoint Privilege Escalation

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2025-9036 - Citrix Workspace Token Replay Vulnerability

Thu, 14 Aug 2025 14:15:00 GMT

CVE-2023-5342 - Apache Struts Remote Code Execution

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8713 - PostgreSQL View and Row Security Statistics Information Disclosure

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8714 - PostgreSQL Arbitrary Code Execution Vulnerability

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8715 - PostgreSQL SQL Injection

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8961 - LibTIFF TIFFcrop Heap-Based Buffer Overflow

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8963 - Jeecgboot JimuReport Remote Deserialization Vulnerability

Thu, 14 Aug 2025 13:15:00 GMT

CVE-2025-8960 - Campcodes Online Flight Booking Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 12:15:00 GMT

CVE-2025-54705 - WpEvently Magepeopleteam Missing Authorization Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54706 - Noor Alam Magical Posts Display Cross-site Scripting (XSS)

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54707 - RealMag777 MDTF SQL Injection

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-8957 - Campcodes Online Flight Booking Management System SQL Injection

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-8958 - Tenda WiFi Stack-Based Buffer Overflow

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54692 - WP Swings Membership For WooCommerce Missing Authorization Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54693 - Epiphyt Form Block Unrestricted File Upload Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54694 - bPlugins Button Block CSRF Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54695 - HasTech HT Mega Missing Authorization Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54696 - WPFunnels Cross-site Scripting (XSS)

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54697 - Ben Ritner Kadence WooCommerce Email Designer Privilege Escalation Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54698 - RadiusTheme Classified Listing XSS Injection

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54699 - Masteriyo LMS Cross-site Scripting

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54700 - ThemeMove Makeaholic PHP Remote File Inclusion Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54701 - ThemeMove Unicamp PHP Remote File Inclusion Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54702 - Motov.net Ebook Store CSRF Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54703 - Prince Integrate Google Drive CSRF

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54704 - Hashthemes Easy Elementor Addons Cross-Site Scripting Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54686 - Exertio Scriptsbundle Object Injection Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54687 - Crocoblock JetTabs Cross-site Scripting Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54688 - Crocoblock JetEngine Cross-site Scripting (XSS)

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54689 - ThemBay Urna PHP Remote File Inclusion

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54690 - ThemeStek Xinterio PHP RFI Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54691 - Stylemix Motors Authorization Bypass

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-54685 - Brainstorm Force SureDash Information Disclosure Vulnerability

Thu, 14 Aug 2025 11:15:00 GMT

CVE-2025-48860 - CtrlX OS Backup Archive Privilege Escalation

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-48861 - CtrlX OS Task API Remote Information Disclosure

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-48862 - CtrlX OS Unencrypted Backup File Exposure

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-54472 - Apache bRPC Redis Protocol Parser Integer Overflow Denial of Service

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-5998 - WordPress PPWP Password Authorization Information Disclosure

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-8952 - Campcodes Online Flight Booking Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-8953 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-8954 - PHPGurukul Hospital Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 09:15:00 GMT

CVE-2025-27388 - Apple Safari DOM-Based Cross-Site Scripting (XSS)

Thu, 14 Aug 2025 08:15:00 GMT

CVE-2025-8950 - Campcodes Online Recruitment Management System SQL Injection

Thu, 14 Aug 2025 08:15:00 GMT

CVE-2025-8951 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 08:15:00 GMT

CVE-2025-8947 - Projectworlds Visitor Management System SQL Injection

Thu, 14 Aug 2025 07:15:00 GMT

CVE-2025-8948 - Projectworlds Visitor Management System SQL Injection

Thu, 14 Aug 2025 07:15:00 GMT

CVE-2025-8949 - D-Link DIR-825 HTTPd Stack-Based Buffer Overflow Vulnerability

Thu, 14 Aug 2025 07:15:00 GMT

CVE-2025-3414 - WordPress Structured Content (JSON-LD) Stored Cross-Site Scripting Vulnerability

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-6790 - Quiz and Survey Master WordPress CSRF Vulnerability

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-7808 - Shopify WP WordPress Stored Cross-Site Scripting

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-8046 - WordPress Injection Guard Reflected Cross-Site Scripting

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-8939 - Tenda AC20 Buffer Overflow in WifiGuestSet

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-8940 - Tenda AC20 strcpy Buffer Overflow Vulnerability

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-8946 - Projectworlds Online Notes Sharing Platform SQL Injection Vulnerability

Thu, 14 Aug 2025 06:15:00 GMT

CVE-2025-5942 - Netskope NS Client Windows Heap Overflow Denial-of-Service

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-8936 - 1000 Projects Sales Management System SQL Injection

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-8937 - TOTOLINK N350R Command Injection Vulnerability

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-8938 - TOTOLINK N350R Telnet Service Remote Backdoor Vulnerability

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2024-7402 - Netskope Client Administrative Privilege Escalation and Configuration Tampering Vulnerability

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-0309 - Netskope Client TLS Certificate Validation Bypass Privilege Elevation Vulnerability

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-5941 - Netskope NS Client DNS Memory Leak

Thu, 14 Aug 2025 05:15:00 GMT

CVE-2025-8934 - 1000 Projects Sales Management System Cross-Site Scripting Vulnerability

Thu, 14 Aug 2025 04:16:00 GMT

CVE-2025-8935 - 1000 Projects Sales Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 04:16:00 GMT

CVE-2025-8933 - 1000 Projects Sales Management System Cross Site Scripting Vulnerability

Thu, 14 Aug 2025 04:15:00 GMT

CVE-2025-8931 - Code-projects Medical Store Management System SQL Injection

Thu, 14 Aug 2025 03:15:00 GMT

CVE-2025-8932 - 1000 Projects Sales Management System SQL Injection

Thu, 14 Aug 2025 03:15:00 GMT

CVE-2025-8930 - Code-projects Medical Store Management System SQL Injection Vulnerability

Thu, 14 Aug 2025 03:15:00 GMT

CVE-2025-55198 - Helm Chart YAML Parsing Type Error Denial of Service

Thu, 14 Aug 2025 00:15:00 GMT

CVE-2025-55199 - Helm Denial of Service (DoS) Vulnerability

Thu, 14 Aug 2025 00:15:00 GMT

CVE-2025-55194 - Part-DB Persistent File Extension Denial of Service

Wed, 13 Aug 2025 23:15:00 GMT

CVE-2025-55196 - Kubernetes External Secrets Operator Namespace Bypass Vulnerability

Wed, 13 Aug 2025 23:15:00 GMT

CVE-2025-55197 - PyPDF FlateDecode Filter Exhaustion Denial of Service

Wed, 13 Aug 2025 23:15:00 GMT

CVE-2025-55193 - Ruby on Rails ANSI Sequence Injection Vulnerability

Wed, 13 Aug 2025 23:15:00 GMT

CVE-2025-8928 - Code-projects Medical Store Management System SQL Injection Vulnerability

Wed, 13 Aug 2025 22:15:00 GMT

CVE-2025-8929 - Code-projects Medical Store Management System SQL Injection Vulnerability

Wed, 13 Aug 2025 22:15:00 GMT

CVE-2012-10058 - RabidHamster Web Server Stack-Based Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10059 - Dolibarr ERP/CRM OS Command Injection Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10060 - Sysax Multi Server SSH Stack Buffer Overflow

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2025-34154 - UnForm Server Manager Unauthenticated File Read Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10014 - GTA San Andreas Multiplayer (SA-MP) Stack-Based Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10015 - Cytel Studio Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10016 - RealNetworks Netzip Classic Stack-Based Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10017 - Snort Nmap PHP Remote Command Execution Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10018 - MyBB Unauthorized Remote Code Execution Backdoor

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10019 - Spreecommerce Remote Command Execution Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10054 - Umbraco CMS Remote Code Execution Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10055 - F-Secure ComSndFTP Format String Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10056 - Apache Volunteer Management System Remote File Upload Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2012-10057 - Lattice Semiconductor ispVM Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10011 - WeBid Remote Code Injection Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10012 - Impero Software NetOp Stack-Based Buffer Overflow Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10013 - Traq Remote Code Execution Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10009 - Apache S40 CMS Path Traversal Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2011-10010 - QuickShare File Server FTP Path Traversal Vulnerability

Wed, 13 Aug 2025 21:15:00 GMT

CVE-2025-43982 - Tuoshi NR500-EA SSH Default Credential Vulnerability

Wed, 13 Aug 2025 20:15:00 GMT

CVE-2025-43986 - KuWFi GC111 Telnet Authentication Bypass

Wed, 13 Aug 2025 20:15:00 GMT

CVE-2025-43988 - KuWFi 5G01-X55 RCE through Unauthenticated API Endpoint

Wed, 13 Aug 2025 20:15:00 GMT

CVE-2025-8926 - SourceCodester COVID 19 Testing Management System SQL Injection

Wed, 13 Aug 2025 20:15:00 GMT

CVE-2025-8927 - Mtons MBlog Authentication Bypass Vulnerability

Wed, 13 Aug 2025 20:15:00 GMT

CVE-2025-8925 - iSourcecode Sports Management System SQL Injection Vulnerability

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-43989 - Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC Command Injection Vulnerability

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-45313 - Hortusfox Web XSS

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-8922 - Job Diary SQL Injection Vulnerability

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-8923 - Code-Projects Job Diary SQL Injection Vulnerability

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-8924 - Campcodes Online Water Billing System SQL Injection

Wed, 13 Aug 2025 19:15:00 GMT

CVE-2025-50615 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-50616 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-50617 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-50946 - Olivetin Command Injection Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-5819 - GitLab CE/EE Authentication Bypass

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-6186 - GitLab Cross-Site Scripting (XSS)

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-7734 - GitLab Cross-Site Scripting (XSS)

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-7739 - GitLab CE/EE Stored Cross-Site Scripting Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8754 - ABB Ability™ zenon Missing Authentication for Critical Function

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8770 - GitLab EE Authentication Bypass Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8904 - Amazon EMR Kerberos Keytab File Disclosure

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8919 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8920 - Portabilis i-Diario Dicionário de Termos BNCC Page Cross-Site Scripting Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-8921 - Code-Projects Job Diary SQL Injection Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-2937 - GitLab Markdown Wiki Denial of Service Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-45314 - Hortusfox Web Calendar XSS

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-45315 - Hortusfox Web XSS

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-45316 - Hortusfox Web TextBlockModule XSS

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-45317 - Hortusfox-web Zip Slip Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-23303 - NVIDIA NeMo Framework Remote Code Execution (RCE)

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-23304 - NVIDIA NeMo Code Injection Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-23305 - NVIDIA Megatron-LM Code Injection Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-23306 - NVIDIA Megatron-LM Code Injection Vulnerability

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-2498 - "Gitlab EE Improper Access Control Vulnerability"

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-2614 - GitLab CE/EE Resource Exhaustion Denial of Service

Wed, 13 Aug 2025 18:15:00 GMT

CVE-2025-2180 - Palo Alto Networks Checkov by Prisma Cloud Deserialization Vulnerability

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-2181 - Palo Alto Networks Checkov Prisma Cloud Sensitive Information Disclosure

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-2182 - Palo Alto Networks PAN-OS MACsec CAK Exposure

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-2183 - Palo Alto Networks GlobalProtect Certificate Validation Bypass

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-2184 - Palo Alto Networks Cortex XDR Broker VM Default Credential Sharing Vulnerability

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-34153 - Hyland OnBase .NET Remoting RCE via Insecure Deserialization

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-50594 - Danphe Health Hospital Management System EMR Password Reset Vulnerability

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-51451 - TOTOLINK EX1200T Authentication Bypass

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-52385 - "Studio 3T Remote Code Execution Vulnerability"

Wed, 13 Aug 2025 17:15:00 GMT

CVE-2025-50608 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50609 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50610 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50611 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50612 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50613 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-50614 - Netis WF2880 Buffer Overflow Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-51452 - TOTOLINK A7000R Authentication Bypass Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-8918 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Wed, 13 Aug 2025 16:15:00 GMT

CVE-2025-51691 - MarkTwo XSS Attack Vector

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-52585 - BIG-IP LTM Anonymous Diffie-Hellman Denial of Service

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-53859 - NGINX SMTP Module Information Leak

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-54500 - Apache HTTP/2 Denial-of-Service Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-54809 - F5 Access for Android SSL/TLS Man-in-the-Middle (MitM) Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-55163 - Netty HTTP/2 MadeYouReset DDoS Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-8941 - Linux-Pam Symlink Privilege Escalation Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-46405 - BIG-IP APM Traffic Management Microkernel Denial of Service

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-48500 - F5 VPN MacOS Browser Client File Integrity Check Bypass

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-50251 - Makeplane Plane SSRF Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-50635 - Netis WF2780 Null Pointer Dereference DoS Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-50690 - OSGeo SpatialReference.org Cross-Site Scripting (XSS) Vulnerability

Wed, 13 Aug 2025 15:15:00 GMT

CVE-2025-55005 - ImageMagick Logmap Buffer Overflow Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-55154 - ImageMagick Stack-Based Buffer Overflow

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-55160 - ImageMagick Denial of Service (DoS) Function-Type Mismatch Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-55668 - Apache Tomcat Session Fixation

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-32451 - Foxit Reader Uninitialized Pointer Memory Corruption Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-52386 - "CycloneDX Sunshine Formula Injection Vulnerability"

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-52392 - Soosyze CMS Unrestricted Brute-Force Login Attack Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-54074 - Cherry Studio OS Command Injection Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-54382 - Cherry Studio Cherry Picker Remote Code Execution

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-54791 - OMERO.web Information Disclosure Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-55004 - ImageMagick Heap Buffer Overflow Vulnerability

Wed, 13 Aug 2025 14:15:00 GMT

CVE-2025-48989 - Apache Tomcat Reset Attack Vulnerability

Wed, 13 Aug 2025 13:15:00 GMT

CVE-2025-8671 - Apache HTTP/2 Denial-of-Service Vulnerability

Wed, 13 Aug 2025 13:15:00 GMT

CVE-2025-8907 - H3C M2 NAS Webserver Configuration Privilege Escalation Vulnerability

Wed, 13 Aug 2025 13:15:00 GMT

CVE-2025-8908 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection

Wed, 13 Aug 2025 13:15:00 GMT

CVE-2025-54464 - ZKTeco WL20 Unencrypted Credentials Storage

Wed, 13 Aug 2025 12:15:00 GMT

CVE-2025-54465 - ZKTeco WL20 Hard-Coded MQTT Credentials Disclosure

Wed, 13 Aug 2025 12:15:00 GMT

CVE-2025-55279 - ZKTeco WL20 Hard-Coded Private Key Vulnerability

Wed, 13 Aug 2025 12:15:00 GMT

CVE-2025-55280 - ZKTeco WL20 PlainText Data Exposure Vulnerability

Wed, 13 Aug 2025 12:15:00 GMT

CVE-2025-8912 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability

Wed, 13 Aug 2025 10:15:00 GMT

CVE-2025-8913 - WellChoose Organization Portal System Local File Inclusion Vulnerability

Wed, 13 Aug 2025 10:15:00 GMT

CVE-2025-8914 - WellChoose Organization Portal System SQL Injection

Wed, 13 Aug 2025 10:15:00 GMT

CVE-2025-8916 - Bouncy Castle for Java Excessive Allocation Memory Vulnerability

Wed, 13 Aug 2025 10:15:00 GMT

Personal data breach at the operator Bouygues Telecom: situation, risks and recommendations

Wed, 13 Aug 2025 10:13:00 GMT

CVE-2025-8910 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability

Wed, 13 Aug 2025 09:15:00 GMT

CVE-2025-8911 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability

Wed, 13 Aug 2025 09:15:00 GMT

CVE-2025-55345 - Codex Symlink File Overwrite RCE

Wed, 13 Aug 2025 09:15:00 GMT

CVE-2025-8909 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability

Wed, 13 Aug 2025 09:15:00 GMT

CVE-2025-6184 - Tutor LMS Pro WordPress SQL Injection Vulnerability

Wed, 13 Aug 2025 07:15:00 GMT

CVE-2025-8760 - INSTAR fcgi_server Buffer Overflow Vulnerability

Wed, 13 Aug 2025 07:15:00 GMT

CVE-2025-8761 - INSTAR Denial of Service Vulnerability in Backend IPC Server

Wed, 13 Aug 2025 07:15:00 GMT

CVE-2025-8762 - INSTAR UART Interface Physical Access Control Bypass

Wed, 13 Aug 2025 07:15:00 GMT

CVE-2025-6715 - LatePoint WordPress Local File Inclusion Vulnerability

Wed, 13 Aug 2025 06:15:00 GMT

CVE-2025-7384 - "Elementor Forms PHP Object Injection Vulnerability"

Wed, 13 Aug 2025 05:15:00 GMT

CVE-2025-0818 - elFinder WordPress Plugin Directory Traversal Vulnerability

Wed, 13 Aug 2025 04:16:00 GMT

CVE-2025-8491 - Easy Restaurant Menu Manager for WordPress CSRF

Wed, 13 Aug 2025 04:16:00 GMT

CVE-2025-8891 - OceanWP Cross-Site Request Forgery (CSRF)

Wed, 13 Aug 2025 04:16:00 GMT

CVE-2025-8880 - Google Chrome V8 Race Condition Execution of Arbitrary Code

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-8881 - Google Chrome File Picker Cross-Origin Data Leak

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-8882 - Google Chrome Aura Use-After-Free Vulnerability

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-8901 - Google Chrome ANGLE Out-of-Bounds Memory Access Vulnerability

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-4410 - Cisco SetupUtility Buffer Overflow Vulnerability

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-8879 - Google Chrome Heap Buffer Overflow Vulnerability

Wed, 13 Aug 2025 03:15:00 GMT

CVE-2025-4276 - Intel UsbCoreDxe SMM Arbitrary Code Execution

Wed, 13 Aug 2025 02:15:00 GMT

CVE-2025-4277 - Intel Tcg2Smm SMM Execute Code Arbitrary Memory Write

Wed, 13 Aug 2025 02:15:00 GMT

Data leak at France Link Interactive

Wed Aug 13 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-54232 - Adobe Framemaker Use After Free Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54233 - Adobe Framemaker Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54238 - Dimension Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-8395 - "CVE-xxxx: Apache Struts SQL Injection Vulnerability"

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-49457 - Zoom Untrusted Search Path Privilege Escalation Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54229 - Adobe Framemaker Use After Free Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54230 - Adobe Framemaker Use-After-Free Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54231 - Adobe Framemaker Use After Free Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-49456 - Zoom Windows Installer Race Condition Vulnerability

Tue, 12 Aug 2025 23:15:00 GMT

CVE-2025-54222 - Substance3D Out-of-Bounds Write Vulnerability

Tue, 12 Aug 2025 22:15:00 GMT

CVE-2025-55170 - WeGIA Reflected Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-55171 - WeGIA Unauthenticated File Deletion Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-55165 - Autocaliweb API Key Exposure

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54235 - Substance3D Modeler Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54226 - Adobe InDesign Use After Free Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54227 - Adobe InDesign Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54228 - Adobe InDesign Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54219 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54220 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54221 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54223 - Adobe InCopy Use After Free Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54224 - Adobe InDesign Use After Free Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54225 - Adobe InDesign Use After Free Vulnerability (Arbitrary Code Execution)

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54217 - Adobe InCopy Heap-based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54218 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54208 - Adobe InDesign Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54209 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54210 - Adobe InDesign Arbitrary Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54211 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54212 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54213 - Adobe InDesign Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54214 - Adobe InDesign Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54215 - Adobe InCopy Out-of-Bounds Write Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54216 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2025-54207 - Adobe InDesign Uninitialized Pointer Code Execution Vulnerability

Tue, 12 Aug 2025 21:15:00 GMT

CVE-2023-45584 - Fortinet FortiOS Double Free Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2024-26009 - Fortinet FortiOS Authentication Bypass via FGFM Requests

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2024-40588 - Fortinet FortiMail, FortiVoice, FortiRecorder, FortiCamera, FortiNDR Path Traversal Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2024-48892 - FortiSOAR Relative Path Traversal Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2024-52964 - Fortinet FortiManager Path Traversal Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-25248 - FortiOS Integer Overflow in SSL-VPN Bookmarks

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-25256 - Fortinet FortiSIEM OS Command Injection

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-27759 - Fortinet FortiWeb OS Command Injection

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-32766 - Fortinet FortiWeb Stack-Based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-32932 - FortiSOAR XSS

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-36124 - IBM WebSphere Application Server Liberty JMS Message Injection Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-43734 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS) Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-47857 - Fortinet FortiWeb OS Command Injection

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-49813 - Fortinet FortiADC OS Command Injection

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-52970 - Fortinet FortiWeb Unauthenticated Privilege Escalation Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-53744 - FortiOS Security Fabric Privilege Escalation Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-55168 - WeGIA SQL Injection Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-55169 - WeGIA Path Traversal Vulnerability

Tue, 12 Aug 2025 19:15:00 GMT

CVE-2025-53779 - Microsoft Windows Kerberos Path Traversal Privilege Escalation

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53781 - Azure Virtual Machines Information Exposure Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53783 - Microsoft Teams Heap Buffer Overflow Remote Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53784 - Microsoft Office Word Use After Free Remote Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53788 - Windows Subsystem for Linux TOCTOU Privilege Escalation

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53789 - Windows StateRepository API Local Privilege Escalation

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53793 - Azure Stack Authentication Bypass

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53733 - Microsoft Office Word Integer Overflow Remote Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53734 - Microsoft Office Visio Use-After-Free Remote Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53735 - Microsoft Office Excel Use-After-Free Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53736 - Microsoft Office Word Buffer Over-Read Information Disclosure

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53737 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53738 - Microsoft Office Word Use After Free Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53739 - Microsoft Office Excel Type Confusion Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53740 - Microsoft Office Use-After-Free Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53741 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53759 - Microsoft Office Excel Uninitialized Resource Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53760 - Microsoft Office SharePoint SSRF

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53761 - Microsoft Office PowerPoint Use-After-Free Remote Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53765 - Azure Stack Information Disclosure Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53766 - Windows GDI+ Heap-based Buffer Overflow

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53769 - Windows Security App Path Traversal Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53772 - Web Deploy Untrusted Data Deserialization Code Execution Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53773 - GitHub Copilot Command Injection Vulnerability

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-53778 - Microsoft Windows NTLM Privilege Escalation

Tue, 12 Aug 2025 18:15:00 GMT

CVE-2025-24835 - Intel Arc B-Series Graphics Denial of Service Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-24840 - Intel Tiber Edge Platform Privilege Escalation Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-24921 - Intel Tiber Edge Orchestrator Improper Neutralization Information Disclosure

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-24923 - "Intel AI for Enterprise Retrieval-augmented Generation Uncontrolled Search Path Vulnerability (EoP)"

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-25273 - Intel 700 Series Ethernet Kernel Mode Driver Control Flow Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26403 - Intel Xeon SGX/TDX OOB Write Privilege Escalation

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26404 - Intel DSA Uncontrolled Search Path Privilege Escalation

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26470 - Intel Distribution for Python Unprivileged Privilege Escalation

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26472 - Intel Tiber Edge Platform Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26697 - Intel 700 Series Ethernet Unauthenticated Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-26863 - Intel 700 Series Ethernet Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27250 - Intel Tiber Edge Platform Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27537 - Intel Tiber Edge Platform Privilege Escalation Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27559 - Apache AI Playground Privilege Escalation

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27576 - Intel Tiber Edge Platform Unauthenticated Denial of Service Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27707 - Intel Tiber Edge Orchestrator Sensitive Information Exposure Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-27717 - Intel Graphics Driver Uncontrolled Search Path Privilege Escalation

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-32004 - Intel Edger8r Tool SGX SDK Privilege Escalation Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-32086 - Intel Xeon 6 Processors SGX/TDX Privilege Escalation Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-49563 - Adobe Illustrator Out-of-Bounds Write Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-49564 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-49567 - Adobe Illustrator NULL Pointer Dereference Denial of Service

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-49568 - Adobe Illustrator Use After Free Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-55166 - Savg-sanitizer Cross-Site Scripting and External Domain Linking Vulnerability

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-55167 - WeGIA SQL Injection

Tue, 12 Aug 2025 17:15:00 GMT

CVE-2025-38500 - Linux Kernel xfrm Interface Use-After-Free Vulnerability

xfrmi hash, but since it also exists in the xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when the net namespace was taken down [1]. Change the check to use the xi from netdev_priv which is available earlier in the function to prevent changes in xfrm collect_md interfaces. [1] resulting oops: kernel BUG at net/core/dev.c:12029!

Severity: 0.0 | NA

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-3089 - ServiceNow AI Platform Broken Access Control Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-54800 - Hydra JavaScript Injection Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-54864 - Hydra Unauthenticated API Calls Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-55010 - Kanboard PHP Deserialization RCE Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-55011 - Kanboard File Traversal Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-55164 - "Prototype Pollution in Apache Content-Security-Policy-Parser"

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2025-8452 - Brother Multi-Function Printer Serial Number Disclosure and Default Administrator Password Calculation Vulnerability

Tue, 12 Aug 2025 16:15:00 GMT

CVE-2024-38805 - EDK2 BIOS Integer Overflow Denial of Service Vulnerability

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-3831 - Harmony SASE Agent Unsecured Log Upload

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-5456 - Ivanti Connect Secure Buffer Over-read DOS Vulnerability

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-5462 - Ivanti Connect Secure Heap Buffer Overflow Vulnerability

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-5466 - "Ivanti Connect Secure and Ivanti Policy Secure Denial of Service Vulnerability"

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-5468 - Ivanti Connect Secure, Policy Secure, ZTA Gateway, Neurons for Secure Access Local File Reading via Symbolic Link Vulnerability

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-8296 - Ivanti Avalanche SQL Injection Remote Code Execution Vulnerability

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-8297 - Ivanti Avalanche Remote Code Execution

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-8310 - Ivanti Virtual Application Delivery Controller Authentication Bypass

Tue, 12 Aug 2025 15:15:00 GMT

CVE-2025-22830 - APTIOV BIOS Race Condition Vulnerability

Tue, 12 Aug 2025 14:15:00 GMT

CVE-2025-22834 - AMI APTIOV BIOS Improper Initialization Vulnerability

Tue, 12 Aug 2025 14:15:00 GMT

CVE-2025-43735 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

Tue, 12 Aug 2025 13:15:00 GMT

CVE-2025-40766 - SINEC Traffic Analyzer Docker DoS Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40767 - SINEC Traffic Analyzer Docker Container Isolation Bypass

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40768 - SINEC Traffic Analyzer Remote Service Access Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40769 - SINEC Traffic Analyzer Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40770 - SINEC Traffic Analyzer Man-in-the-Middle Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-41986 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit TLS Insecure Protocol Vulnerability

= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected applications support the insecure TLS 1.0 and 1.1 protocols. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data. Severity: 6.4 | MEDIUM

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-52504 - Siemens SIPROTEC 4 Remote File Transfer Denial of Service

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-54678 - Siemens SIMATIC and TIA Portal Named Pipe Remote Code Execution Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-30033 - Apache Setup DLL Hijacking Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-30034 - "SIMATIC RTLS Locating Manager Unauthenticated Local Denial of Service"

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-33023 - RUGGEDCOM ROX File Upload Privilege Escalation Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40570 - Siemens SIPROTEC 5 USB Port Bandwidth Exhaustion Vulnerability

= V7.80 V10.0), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SA82 (CP150) (All versions V10.0), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SD82 (CP150) (All versions V10.0), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SK82 (CP150) (All versions V10.0), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SL82 (CP150) (All versions V10.0), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7ST85 (CP300) (All versions V10.0), SIPROTEC 5 7ST86 (CP300) (All versions V10.0), SIPROTEC 5 7SX82 (CP150) (All versions V10.0), SIPROTEC 5 7SX85 (CP300) (All versions V10.0), SIPROTEC 5 7SY82 (CP150) (All versions V10.0), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT82 (CP150) (All versions V10.0), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VU85 (CP300) (All versions V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. 
This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected by this vulnerability. Severity: 2.4 | LOW

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40584 - Siemens SIMOTION and SINAMICS XXE File Disclosure Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40743 - Siemens SINUMERIK VNC Authentication Bypass

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40746 - "Siemens SIMATIC RTLS Locating Manager Remote Code Execution Vulnerability"

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40751 - SIMATIC RTLS Locating Manager Credential Exposure (Authentication Bypass)

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40752 - SICAM Power Meter Password Storage Vulnerability

= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. Severity: 6.2 | MEDIUM

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40753 - SICAM Power Meter SMTP Password Exposure

= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 V2.80). Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. Severity: 6.2 | MEDIUM

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40759 - Siemens TIA Portal and SIMATIC Products Remote Code Execution Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40761 - RUGGEDCOM ROX Devices Physical Access Bypass Authentication Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40762 - "Simcenter Femap STP File Out-of-Bounds Write Vulnerability"

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-40764 - Simcenter Femap BMP File Out-of-Bounds Read Vulnerability

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-41984 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit Improper Error Handling Exposes System Applications

= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application improperly handles errors while accessing an inaccessible resource, leading to exposure of the system applications. Severity: 2.6 | LOW

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-41985 - Siemens Opcenter QL Home and SOA Session Persistence Vulnerability

= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle. Severity: 2.6 | LOW

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2024-41983 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit SQL Injection Vulnerability

= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application displays the SQL statement in the error messages encountered during the generation of reports using the Cockpit tool. Severity: 3.5 | LOW

Tue, 12 Aug 2025 12:15:00 GMT

CVE-2025-43736 - Liferay Portal Liferay DXP File Upload Denial Of Service (DOS)

Tue, 12 Aug 2025 11:15:00 GMT

CVE-2025-8885 - Bouncy Castle for Java Resource Allocation Denial of Service

Tue, 12 Aug 2025 10:15:00 GMT

CVE-2025-26398 - SolarWinds Database Performance Analyzer Cryptographic Key Disclosure

Tue, 12 Aug 2025 08:15:00 GMT

CVE-2025-41686 - Microsoft NSSM Elevation of Privilege

Tue, 12 Aug 2025 08:15:00 GMT

CVE-2025-47444 - Liquid Web GiveWP Sensitive Data Retrieval Vulnerability

Tue, 12 Aug 2025 07:15:00 GMT

CVE-2025-8418 - WordPress B Slider-Gutenberg Slider Block Plugin Arbitrary Plugin Installation Vulnerability

Tue, 12 Aug 2025 07:15:00 GMT

CVE-2025-8482 - WordPress Simple Local Avatars Unauthenticated Data Modification Vulnerability

Tue, 12 Aug 2025 07:15:00 GMT

CVE-2025-8767 - WordPress AnWP Football Leagues Plugin CSV Injection Vulnerability

Tue, 12 Aug 2025 07:15:00 GMT

CVE-2025-8874 - Elementor Addons - WordPress Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 07:15:00 GMT

CVE-2025-30027 - Axis ACAP Code Execution Vulnerability

Tue, 12 Aug 2025 06:15:00 GMT

CVE-2025-3892 - Axis ACAP Privilege Escalation Vulnerability

Tue, 12 Aug 2025 06:15:00 GMT

CVE-2025-6253 - "UiCore Elements WordPress Arbitrary File Read Vulnerability"

Tue, 12 Aug 2025 06:15:00 GMT

CVE-2025-8081 - Elementor WordPress Arbitrary File Read Vulnerability

Tue, 12 Aug 2025 06:15:00 GMT

CVE-2025-7622 - Apache Server-Side Request Forgery

Tue, 12 Aug 2025 05:15:00 GMT

CVE-2025-8059 - WordPress B Blocks Privilege Escalation

Tue, 12 Aug 2025 05:15:00 GMT

CVE-2025-8314 - WordPress Software Issue Manager Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 05:15:00 GMT

CVE-2025-42976 - SAP NetWeaver Application Server ABAP Buffer Overflow

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-4390 - WordPress Private Content Plus Sensitive Information Exposure

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-5391 - WooCommerce Purchase Orders Remote Code Execution via File Deletion Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8462 - Elementor RT Easy Builder Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8568 - WordPress GMap Generator Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8621 - Mosaic Generator Stored Cross-Site Scripting Vulnerability in WordPress

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8685 - WordPress Wp Chart Generator Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8688 - WordPress Inline Stock Quotes Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-8690 - WordPress Simple Responsive Slider Stored Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42957 - SAP S/4HANA ABAP Code Injection Backdoor Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42975 - SAP NetWeaver Application Server ABAP Cross-Site Scripting (XSS)

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42951 - SAP Business One (SLD) Privilege Escalation Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42955 - SAP Cloud Connector LDAP Connection Testing Information Disclosure

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42936 - SAP NetWeaver Application Server for ABAP Privilege Escalation Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42941 - SAP Fiori Launchpad Reverse Tabnabbing Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42942 - SAP NetWeaver Application Server for ABAP Cross-Site Scripting (XSS)

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42943 - SAP GUI for Windows NTLM Hash Leak

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42945 - SAP NetWeaver Application Server ABAP HTML Injection Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42946 - SAP S/4HANA (Bank Communication Management) Directory Traversal Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42948 - SAP NetWeaver ABAP Platform Cross-Site Scripting Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42949 - Oracle ABAP Platform SQL Injection Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42950 - SAP SLT ABAP Code Injection Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42934 - SAP S/4HANA CRLF Injection Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

CVE-2025-42935 - SAP NetWeaver Application Server ABAP and ABAP Platform ICM Information Disclosure Vulnerability

Tue, 12 Aug 2025 03:15:00 GMT

Data breach at France Travail

Tue Aug 12 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-55161 - Stirling-PDF SSRF

Mon, 11 Aug 2025 23:15:00 GMT

CVE-2025-55156 - PyLoad SQL Injection Vulnerability

Mon, 11 Aug 2025 23:15:00 GMT

CVE-2025-55157 - Vim Use-After-Free Vulnerability

Mon, 11 Aug 2025 23:15:00 GMT

CVE-2025-55158 - Vim Double-Free Typval Management Vulnerability

Mon, 11 Aug 2025 23:15:00 GMT

CVE-2025-55159 - Apache Slab Uninitialized Memory Access Vulnerability

Mon, 11 Aug 2025 23:15:00 GMT

CVE-2025-25235 - Omnissa Secure Email Gateway (SEG) SSRF

Mon, 11 Aug 2025 22:15:00 GMT

CVE-2025-54992 - OpenKilda OpenFlow XXE Injection

Mon, 11 Aug 2025 22:15:00 GMT

CVE-2025-55012 - Zed Agent Panel Remote Code Execution Permissions Bypass

Mon, 11 Aug 2025 22:15:00 GMT

CVE-2025-55150 - Stirling-PDF SSRF Vulnerability

Mon, 11 Aug 2025 22:15:00 GMT

CVE-2025-55151 - Stirling-PDF SSRF Vulnerability

Mon, 11 Aug 2025 22:15:00 GMT

CVE-2024-32640 - MASA CMS SQL Injection Vulnerability

Mon, 11 Aug 2025 21:15:00 GMT

CVE-2025-40920 - Apache::Catalyst::Authentication::Credential::HTTP Weak Nonce Generation

Mon, 11 Aug 2025 21:15:00 GMT

CVE-2025-54878 - NASA CryptoLib Heap Buffer Overflow Vulnerability

Mon, 11 Aug 2025 21:15:00 GMT

CVE-2025-53190 - ABB Aspect Authentication Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53191 - ABB Aspect Missing Authentication for Critical Function Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53514 - Mattermost Confluence Plugin Denial of Service (DoS)

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53857 - Mattermost Confluence Plugin Information Disclosure Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53910 - Mattermost Confluence Plugin Authentication Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-54458 - Mattermost Confluence Plugin Unauthorized Subscription Creation Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-54463 - Mattermost Confluence Plugin Denial of Service (DoS)

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-54478 - Mattermost Confluence Plugin Authentication Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-54525 - Mattermost Confluence Plugin Denial of Service (DoS)

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-7677 - "ABB Aspect Missing Authentication for Critical Function"

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-7679 - ABB Aspect Missing Authentication for Critical Function

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-8285 - Mattermost Confluence Plugin Authentication Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-51823 - Libcsp Buffer Overflow Vulnerability

name) without validating the input length. Severity: 6.5 | MEDIUM

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-51824 - Zephyr libcsp Buffer Overflow

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-52931 - Mattermost Confluence Plugin Denial of Service (DoS)

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53188 - ABB Aspect Unprotected Credentials

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-53189 - ABB Aspect Authorization Bypass Through User-Controlled Key Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-25229 - VMware Workspace ONE UEM SSRF Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-44001 - Mattermost Confluence Plugin Unauthenticated Channel Subscription Information Disclosure

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-44004 - Mattermost Confluence Plugin Auth Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-48731 - Mattermost Confluence Plugin Unauthorized Access and Subscription Manipulation Vulnerability

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-49221 - Mattermost Confluence Plugin Authentication Bypass

Mon, 11 Aug 2025 19:15:00 GMT

CVE-2025-25231 - VMware Workspace ONE UEM Path Traversal Information Disclosure

Mon, 11 Aug 2025 18:15:00 GMT

CVE-2025-53187 - ABB ASPECT Code Injection Vulnerability

Mon, 11 Aug 2025 18:15:00 GMT

CVE-2025-54063 - Cherry Studio Custom URL Handler Remote Code Execution Vulnerability

Mon, 11 Aug 2025 18:15:00 GMT

CVE-2025-8866 - YugabyteDB Anywhere Authentication Bypass

Mon, 11 Aug 2025 17:15:00 GMT

CVE-2025-38499 - Linux Kernel Clone Private Mnt userns Privilege Escalation Vulnerability

Mon, 11 Aug 2025 16:15:00 GMT

CVE-2025-45146 - ModelCache for LLM Deserialization Vulnerability

Mon, 11 Aug 2025 16:15:00 GMT

CVE-2012-10037 - Apache PhpTax Remote Code Execution Vulnerability

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2012-10038 - Auxilium RateMyPet Unauthenticated Remote Code Execution (RCE) via File Upload

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2012-10039 - ZEN Load Balancer Root Code Execution Vulnerability

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2012-10040 - Openfiler Command Injection Vulnerability

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2025-8859 - Code-projects eBlog Site File Upload Module Unrestricted Upload Vulnerability

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2025-8865 - YugabyteDB YCQL DoS Denial of Service

Mon, 11 Aug 2025 15:15:00 GMT

CVE-2025-8851 - LibTIFF Stack-Based Buffer Overflow

Mon, 11 Aug 2025 14:15:00 GMT

CVE-2025-8852 - WuKongOpenSource WukongCRM File Upload API Response Handler Information Exposure Vulnerability

Mon, 11 Aug 2025 14:15:00 GMT

CVE-2025-8864 - Yugabyte Shared Access Signature Token Exposed

Mon, 11 Aug 2025 14:15:00 GMT

CVE-2025-8672 - GIMP for MacOS Local Privilege Escalation

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8845 - "NASM Netwide Assembler Stack-Based Buffer Overflow Vulnerability"

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8846 - "NASM Netwide Assembler Stack-Based Buffer Overflow"

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8847 - RuoYi Yangzongzhuan Cross-Site Scripting Vulnerability

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8862 - YugabyteDB Information Disclosure Vulnerability

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8863 - YugabyteDB Information Disclosure

Mon, 11 Aug 2025 13:15:00 GMT

CVE-2025-8844 - "NASM Netwide Assembler Null Pointer Dereference Vulnerability"

Mon, 11 Aug 2025 12:15:00 GMT

CVE-2025-8842 - NASM Netwide Assembler Use After Free Vulnerability

Mon, 11 Aug 2025 11:15:00 GMT

CVE-2025-8843 - NASM Netwide Assembler Heap-Based Buffer Overflow

Mon, 11 Aug 2025 11:15:00 GMT

CVE-2025-8841 - Zlt2000 Microservices-Platform Unrestricted File Upload Vulnerability

Mon, 11 Aug 2025 10:15:00 GMT

CVE-2025-8840 - jshERP Unauthenticated Remote Code Execution

Mon, 11 Aug 2025 10:15:00 GMT

CVE-2025-8839 - jshERP Remote Authorization Bypass Vulnerability

Mon, 11 Aug 2025 09:15:00 GMT

CVE-2025-8853 - 2100 Technology Official Document Management System Authentication Bypass

Mon, 11 Aug 2025 09:15:00 GMT

CVE-2025-8838 - WinterChenS my-site PreHandle Uri Improper Authentication Remote Vulnerability

Mon, 11 Aug 2025 09:15:00 GMT

CVE-2025-8836 - JasPer JPEG2000 Encoder Reachable Assertion Vulnerability

Mon, 11 Aug 2025 08:15:00 GMT

CVE-2025-8837 - JasPer JPEG2000 File Handler Use After Free Vulnerability

Mon, 11 Aug 2025 08:15:00 GMT

CVE-2025-8660 - Apache Privilege Escalation Vulnerability

Mon, 11 Aug 2025 08:15:00 GMT

CVE-2025-8661 - Apache Server Stored XSS

Mon, 11 Aug 2025 08:15:00 GMT

CVE-2025-8747 - Keras Safe Mode Bypass Arbitrary Code Execution

Mon, 11 Aug 2025 08:15:00 GMT

CVE-2025-8833 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 07:15:00 GMT

CVE-2025-8834 - JCG Link-net LW-N915R Cross-Site Scripting Vulnerability

Mon, 11 Aug 2025 07:15:00 GMT

CVE-2025-8835 - JasPer Jas Image Color Space Conversion Handler Null Pointer Dereference

Mon, 11 Aug 2025 07:15:00 GMT

CVE-2025-7965 - "CBX Restaurant Booking WordPress CSRF Settings Update Vulnerability"

Mon, 11 Aug 2025 06:15:00 GMT

CVE-2025-8832 - Linksys WAP Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 06:15:00 GMT

CVE-2025-8854 - Bullet Physics LoadOFF Stack-based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 05:15:00 GMT

CVE-2025-8830 - Linksys Router Os Command Injection Vulnerability

Mon, 11 Aug 2025 05:15:00 GMT

CVE-2025-8831 - Linksys Wireless Router Remote Management Stack Buffer Overflow Vulnerability

Mon, 11 Aug 2025 05:15:00 GMT

CVE-2025-27577 - Apache OpenHarmony TCB Arbitrary Code Execution Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-8827 - Linksys Router Remote Os Command Injection Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-8828 - Linksys RE Series IPv6 Command Injection Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-8829 - Linksys Wireless Router OS Command Injection Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-27562 - OpenHarmony DoS Memory Leak

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-27128 - OpenHarmony TCB Use After Free Arbitrary Code Execution

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-27536 - OpenHarmony Type Confusion DOS

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-25278 - OpenHarmony TCB Race Condition Arbitrary Code Execution Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-26690 - OpenHarmony NULL Pointer Dereference Denial of Service Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-24844 - OpenHarmony Memory Leaking DOS Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-24925 - OpenHarmony Memory Leaks Denial of Service Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-25212 - OpenHarmony Denial of Service Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-24298 - OpenHarmony TCB Use-After-Free Vulnerability

Mon, 11 Aug 2025 04:15:00 GMT

CVE-2025-8825 - Linksys Router OS Command Injection Vulnerability

Mon, 11 Aug 2025 03:15:00 GMT

CVE-2025-8826 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 03:15:00 GMT

CVE-2025-8823 - Linksys Wireless Router Os Command Injection Vulnerability

Mon, 11 Aug 2025 02:15:00 GMT

CVE-2025-8824 - Linksys Wireless Routers Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 02:15:00 GMT

CVE-2025-8821 - Linksys WiFi Router OS Command Injection Vulnerability

Mon, 11 Aug 2025 01:15:00 GMT

CVE-2025-8822 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 01:15:00 GMT

CVE-2025-8820 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Mon, 11 Aug 2025 00:15:00 GMT

CVE-2025-8818 - Linksys Wi-Fi Router OS Command Injection Vulnerability

Sun, 10 Aug 2025 23:15:00 GMT

CVE-2025-8819 - Linksys Router Stack-Based Buffer Overflow Vulnerability

Sun, 10 Aug 2025 23:15:00 GMT

CVE-2025-8817 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

Sun, 10 Aug 2025 22:15:00 GMT

CVE-2025-8815 - Shiro Configuration Path Traversal Vulnerability

Sun, 10 Aug 2025 16:15:00 GMT

CVE-2025-8816 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

Sun, 10 Aug 2025 16:15:00 GMT

CVE-2025-8813 - Atjiu Pybbs Open Redirect Vulnerability

Sun, 10 Aug 2025 15:15:00 GMT

CVE-2025-8814 - Atjiu Pybbs Cross-Site Request Forgery Vulnerability

Sun, 10 Aug 2025 15:15:00 GMT

CVE-2025-8810 - Tenda AC20 Buffer Overflow Vulnerability

Sun, 10 Aug 2025 14:15:00 GMT

CVE-2025-8811 - Apache Solr SQL Injection Vulnerability

Sun, 10 Aug 2025 14:15:00 GMT

CVE-2025-8812 - Atjiu Pybbs Admin Panel Cross-Site Scripting Vulnerability

Sun, 10 Aug 2025 14:15:00 GMT

CVE-2025-8809 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Sun, 10 Aug 2025 13:15:00 GMT

CVE-2025-8807 - "Xujeff Tianti 天梯 Remote Missing Authorization Vulnerability"

Sun, 10 Aug 2025 12:15:00 GMT

CVE-2025-8808 - Tianti CSV Injection Vulnerability

Sun, 10 Aug 2025 12:15:00 GMT

CVE-2025-8805 - Open5GS SMF Denial of Service Vulnerability

Sun, 10 Aug 2025 11:15:00 GMT

CVE-2025-8806 - Zhilink ADP Application Developer Platform SQL Injection Vulnerability

Sun, 10 Aug 2025 11:15:00 GMT

CVE-2025-8803 - Open5GS Denial of Service Vulnerability

Sun, 10 Aug 2025 10:15:00 GMT

CVE-2025-8804 - Open5GS AMF Remote Assertion Vulnerability

Sun, 10 Aug 2025 10:15:00 GMT

CVE-2025-8801 - Open5GS Denial of Service Vulnerability

Sun, 10 Aug 2025 09:15:00 GMT

CVE-2025-8802 - Open5GS SMF Denial of Service Vulnerability

Sun, 10 Aug 2025 09:15:00 GMT

CVE-2025-8800 - Open5GS AMF Component Denial of Service Vulnerability

Sun, 10 Aug 2025 08:15:00 GMT

CVE-2025-8799 - Open5GS AMF Denial of Service Vulnerability

Sun, 10 Aug 2025 08:15:00 GMT

CVE-2025-8798 - Samarium Unrestricted File Upload Vulnerability

Sun, 10 Aug 2025 07:15:00 GMT

CVE-2025-8797 - "LitmusChaos Litmus LocalStorage Handler Remote Permission Vulnerability"

Sun, 10 Aug 2025 07:15:00 GMT

CVE-2025-8795 - LitmusChaos Litmus Remote File Inclusion Vulnerability

Sun, 10 Aug 2025 06:15:00 GMT

CVE-2025-8796 - LitmusChaos Litmus Missing Authorization Vulnerability

Sun, 10 Aug 2025 06:15:00 GMT

CVE-2025-8794 - LitmusChaos Litmus LocalStorage Handler Authorization Bypass

Sun, 10 Aug 2025 05:15:00 GMT

CVE-2025-8793 - "LitmusChaos Litmus Remote Resource Identifier Improper Control Vulnerability"

Sun, 10 Aug 2025 04:15:00 GMT

CVE-2025-8792 - "LitmusChaos Litmus Client-Side Enforcement of Server-Side Security Remote Vulnerability"

Sun, 10 Aug 2025 04:15:00 GMT

CVE-2025-52136 - EMQX Unvalidated Plugin Installation Vulnerability

Sun, 10 Aug 2025 04:15:00 GMT

CVE-2025-8791 - LitmusChaos Litmus Remote File Authorization Bypass

Sun, 10 Aug 2025 04:15:00 GMT

CVE-2025-8789 - Portabilis i-Educar API Endpoint Remote Authorization Bypass Vulnerability

Sun, 10 Aug 2025 03:15:00 GMT

CVE-2025-8790 - Portabilis i-Educar Remote API Endpoint Authorization Bypass Vulnerability

Sun, 10 Aug 2025 03:15:00 GMT

CVE-2025-8788 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 10 Aug 2025 03:15:00 GMT

CVE-2025-8787 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 10 Aug 2025 02:15:00 GMT

CVE-2025-8786 - Portabilis i-Diario Cross Site Scripting Vulnerability

Sun, 10 Aug 2025 01:15:00 GMT

CVE-2025-8785 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 10 Aug 2025 00:15:00 GMT

CVE-2025-8784 - Portabilis i-Educar Cross Site Scripting Vulnerability

Sat, 09 Aug 2025 23:15:00 GMT

CVE-2025-8775 - Qiyuesuo Electronic Signature Platform Unrestricted File Upload Vulnerability

Sat, 09 Aug 2025 21:15:00 GMT

CVE-2025-8774 - Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

Sat, 09 Aug 2025 21:15:00 GMT

CVE-2025-8773 - Dinstar Monitoring Platform SQL Injection Vulnerability

Sat, 09 Aug 2025 20:15:00 GMT

CVE-2025-8772 - Vinades NukeViet Server-Side Request Forgery Vulnerability

Sat, 09 Aug 2025 20:15:00 GMT

CVE-2025-8765 - Datacom DM955 5GT 1200 Wireless Basic Settings Cross Site Scripting Vulnerability

Sat, 09 Aug 2025 19:15:00 GMT

CVE-2025-8764 - Linlinjava Litemall Unrestricted File Upload Vulnerability

Sat, 09 Aug 2025 19:15:00 GMT

CVE-2025-8763 - Ruijie EG306MG StrongSwan Aggressive Mode PSK Encryption Bypass Vulnerability

Sat, 09 Aug 2025 18:15:00 GMT

CVE-2025-8759 - TRENDnet Lighttpd Hard-Coded Cryptographic Key Vulnerability

Sat, 09 Aug 2025 17:15:00 GMT

CVE-2025-8758 - TRENDnet TEW-822DRE FTP Server Local Privilege Escalation Vulnerability

Sat, 09 Aug 2025 16:15:00 GMT

CVE-2025-8756 - TDuckCloud Authorization Interceptor PreHandle Remote Improper Authorization Vulnerability

Sat, 09 Aug 2025 15:15:00 GMT

CVE-2025-8757 - TRENDnet Embedded Boa Web Server Least Privilege Violation

Sat, 09 Aug 2025 15:15:00 GMT

CVE-2022-50233 - Linux Kernel Bluetooth eir strlen Vulnerability

{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead uses strnlen and then attempts to determine if the resulting string needs to be truncated or not. Severity: 0.0 | NA

Sat, 09 Aug 2025 15:15:00 GMT

CVE-2024-58238 - "Bluetooth btnxpuart UART Break Timing Vulnerability"

ps_state is read as PS_STATE_AWAKE, which prevents the psdata->work from being scheduled, which is responsible to turn OFF UART break. This issue is fixed by adding a ps_lock mutex around UART break on/off as well as around ps_state read/write. btnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is PS_STATE_SLEEP, it will first schedule psdata->work, and then it will reschedule itself once UART break has been turned off and ps_state is PS_STATE_AWAKE. Tested above script for 50,000 iterations and TX timeout error was not observed anymore. Severity: 0.0 | NA

Sat, 09 Aug 2025 15:15:00 GMT

CVE-2025-8755 - Macrozheng Mall Authorization Bypass Vulnerability

Sat, 09 Aug 2025 14:15:00 GMT

CVE-2025-7726 - WordPress The7 Stored Cross-Site Scripting Vulnerability

Sat, 09 Aug 2025 14:15:00 GMT

CVE-2025-8753 - Linlinjava Litemall File Handler Path Traversal Vulnerability

Sat, 09 Aug 2025 14:15:00 GMT

CVE-2025-7020 - BYD DiLink 3.0 OS IVI Unit Log Dump Encryption Bypass

Sat, 09 Aug 2025 13:15:00 GMT

CVE-2025-8752 - Wangzhixuan Spring-Shiro-Training Command Injection Vulnerability

Sat, 09 Aug 2025 12:15:00 GMT

CVE-2025-8751 - Protected Total WebShield Extension Chrome Cross-Site Scripting Vulnerability

Sat, 09 Aug 2025 08:15:00 GMT

CVE-2025-8750 - Macrozheng Mall Cross-Site Scripting Vulnerability

Sat, 09 Aug 2025 07:15:00 GMT

CVE-2025-8746 - "GNU libopts __strstr_sse2 Memory Corruption Vulnerability"

Sat, 09 Aug 2025 06:15:00 GMT

CVE-2025-8771 - Apache Database Configuration Insecure Feature

Sat, 09 Aug 2025 05:15:00 GMT

CVE-2025-4655 - Liferay Portal SSRF Template Bypass

Sat, 09 Aug 2025 05:15:00 GMT

CVE-2025-8745 - Weee RICEPO App Android AndroidManifest.xml Component Export Vulnerability

Sat, 09 Aug 2025 05:15:00 GMT

CVE-2025-4581 - Liferay Portal Blind SSRF Vulnerability

Sat, 09 Aug 2025 05:15:00 GMT

CVE-2025-55008 - WorkOS AuthKit React Router Authentication Artifact Exposure

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55009 - WorkOS AuthKit Remix Sensitive Authentication Artifact Exposure

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55013 - Assemblyline 4 Service Client Path Traversal Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55149 - Tiny-Scientist PDF Path Traversal Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55001 - OpenBao LDAP Auth Bypass Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55003 - OpenBao MFA TOTP Whitespace Bypass Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55006 - Frappe Learning SVG Injection Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-54999 - OpenBao User Enumeration Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-55000 - OpenBao TOTP Secrets Engine Code Replay Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-54997 - OpenBao Audit Subsystem Privilege Escalation

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-54998 - OpenBao Authentication Bypass Vulnerability

Sat, 09 Aug 2025 03:15:00 GMT

CVE-2025-54417 - Craft CMS Remote Code Execution Bypass

Sat, 09 Aug 2025 02:15:00 GMT

CVE-2025-54888 - Fedify ActivityPub Actor Impersonation Bypass

Sat, 09 Aug 2025 02:15:00 GMT

CVE-2025-54996 - OpenBao Identity Escalation Privilege Vulnerability

Sat, 09 Aug 2025 02:15:00 GMT

CVE-2025-55152 - Oak Denial of Service (DoS) Vulnerability

Sat, 09 Aug 2025 02:15:00 GMT

CVE-2025-8744 - CesiumLab Web SQL Injection Vulnerability

Sat, 09 Aug 2025 00:15:00 GMT

CVE-2025-6573 - Qualcomm Snapdragon Secure Kernel Information Leak

Sat, 09 Aug 2025 00:15:00 GMT

CVE-2025-46709 - Apache HTTP Server Kernel Heap Information Disclosure

Sat, 09 Aug 2025 00:15:00 GMT

CVE-2025-8743 - Scada-LTS Cross-Site Scripting Vulnerability

Fri, 08 Aug 2025 23:15:00 GMT

CVE-2025-8741 - Macrozheng Mall Remote Cleartext Transmission of Sensitive Information Vulnerability

Fri, 08 Aug 2025 22:16:00 GMT

CVE-2025-8742 - Macrozheng Mall Admin Login Remote Authentication Bypass Vulnerability

Fri, 08 Aug 2025 22:16:00 GMT

CVE-2025-55188 - 7-Zip Symbolic Link Extraction Vulnerability

Fri, 08 Aug 2025 21:15:00 GMT

CVE-2025-8739 - My-Blog CSRF Vulnerability

Fri, 08 Aug 2025 21:15:00 GMT

CVE-2025-8740 - My-Blog Category Handler Cross-Site Scripting Vulnerability

Fri, 08 Aug 2025 21:15:00 GMT

CVE-2025-8738 - "zlt2000 Microservices-Platform Spring Actuator Interface Information Disclosure Vulnerability"

Fri, 08 Aug 2025 20:15:00 GMT

CVE-2025-8737 - Open Redirect Vulnerability in zlt2000 Microservices-Platform

Fri, 08 Aug 2025 20:15:00 GMT

CVE-2012-10047 - Cyclope Employee Surveillance Solution SQL Injection RCE

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10048 - Zenoss Core Command Injection Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10049 - WebPageTest PHP File Upload RCE

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10050 - CuteFlow PHP File Upload Vulnerability (Arbitrary Code Execution)

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10051 - ProShow Producer Stack-Based Buffer Overflow Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10052 - EGallery Arbitrary File Upload RCE

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10053 - Apache Simple Web Server HTTP Header Buffer Overflow

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2025-4796 - Eventin WordPress Privilege Escalation Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2025-8735 - GNU cflow Null Pointer Dereference Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2025-8736 - GNU cflow Lexer Buffer Overflow Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10043 - ActFax Server Stack-Based Buffer Overflow Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10044 - MobileCartly File Creation Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10045 - XODA PHP File Upload RCE

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10046 - "ESVA E-Mail Security Virtual Appliance Unauthenticated Command Injection"

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2010-10013 - AjaXplorer/Pydio Cells Remote Command Execution Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10036 - Project Pier Arbitrary File Upload Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10041 - Citrix WAN Emulator Unauthenticated Command Execution and Privilege Escalation Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2012-10042 - Apache Sflog! CMS Remote File Upload Vulnerability

Fri, 08 Aug 2025 19:15:00 GMT

CVE-2025-52913 - Mitel MiCollab NuPoint Unified Messaging Path Traversal Vulnerability

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-52914 - Mitel MiCollab SQL Injection Vulnerability

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-5095 - Burk Technology ARC Solo Authentication Bypass

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-8733 - GNU Bison Local Assertion Vulnerability

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-8734 - GNU Bison Double Free Vulnerability

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-50927 - "EHCP FTP User List XSS"

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-50928 - Easy Hosting Control Panel EHCP SQL Injection

Fri, 08 Aug 2025 18:15:00 GMT

CVE-2025-46414 - Apache IoT Device PIN Brute-Force Weakness

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-47872 - Cisco Product Serial Number Information Disclosure Vulnerability

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-50465 - Apache OpenMetadata SQL Injection

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-50466 - Apache OpenMetadata SQL Injection Vulnerability

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-50467 - Apache OpenMetadata SQL Injection Vulnerability

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-50468 - Apache OpenMetadata SQL Injection Vulnerability

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-53520 - EG4 Firmware Update Vulnerability - Unchecked Archive Exploitation

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-8284 - Packet Power Monitoring and Control Web Interface Authentication Bypass

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-8393 - "Fortnite Phone TLS Accepts Self-Signed Certificates"

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-8732 - Libxml2 SGML Catalog Recursion Vulnerability

Fri, 08 Aug 2025 17:15:00 GMT

CVE-2025-4576 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 08 Aug 2025 16:15:00 GMT

CVE-2025-52586 - "Vulnerability in Schneider Electric Inverter Command Traffic"

Fri, 08 Aug 2025 16:15:00 GMT

CVE-2025-8355 - Xerox FreeFlow Core XML SSRF Vulnerability

Fri, 08 Aug 2025 16:15:00 GMT

CVE-2025-8356 - Xerox FreeFlow Core Path Traversal Remote Code Execution

Fri, 08 Aug 2025 16:15:00 GMT

CVE-2025-8731 - TRENDnet SSH Service Default Credentials Vulnerability (Critical)

Fri, 08 Aug 2025 16:15:00 GMT

CVE-2025-36023 - IBM Cloud Pak for Business Automation Information Disclosure Vulnerability

Fri, 08 Aug 2025 15:15:00 GMT

CVE-2025-36119 - IBM Digital Certificate Manager for i Web Session Hijacking Privilege Escalation

Fri, 08 Aug 2025 15:15:00 GMT

CVE-2025-8730 - Belkin Web Interface Hard-Coded Credentials Remote Vulnerability

Fri, 08 Aug 2025 15:15:00 GMT

CVE-2020-9322 - Statamic Core XSS Vulnerability

Fri, 08 Aug 2025 15:15:00 GMT

CVE-2025-8729 - MigoXLab LMeterX Remote Path Traversal Vulnerability

Fri, 08 Aug 2025 14:15:00 GMT

CVE-2025-8088 - WinRAR Windows Path Traversal RCE

Fri, 08 Aug 2025 12:15:00 GMT

CVE-2025-8749 - MiR API Path Traversal Vulnerability

Fri, 08 Aug 2025 12:15:00 GMT

CVE-2025-8748 - MiR Command Injection Vulnerability

Fri, 08 Aug 2025 11:15:00 GMT

CVE-2025-48913 - Apache CXF JMS Untrusted Configuration RCE

Fri, 08 Aug 2025 10:15:00 GMT

CVE-2025-53606 - Apache Seata (incubating) Deserialization of Untrusted Data Remote Code Execution

Fri, 08 Aug 2025 10:15:00 GMT

CVE-2025-6572 - OpenStreetMap for Gutenberg WPBakery Page Builder Stored Cross-Site Scripting Vulnerability

Fri, 08 Aug 2025 06:15:00 GMT

CVE-2025-54940 - WordPress Advanced Custom Fields HTML Injection Vulnerability

Fri, 08 Aug 2025 05:15:00 GMT

CVE-2025-54958 - Powered BLUE OS Command Injection Vulnerability

Fri, 08 Aug 2025 05:15:00 GMT

CVE-2025-54959 - BLUE Server File Traversal Vulnerability

Fri, 08 Aug 2025 05:15:00 GMT

CVE-2024-58256 - EnzoH OS Command Injection Vulnerability

Fri, 08 Aug 2025 04:16:00 GMT

CVE-2024-58257 - EnzoH OS Command Injection

Fri, 08 Aug 2025 04:16:00 GMT

CVE-2024-58255 - EnzoH OS Command Injection Vulnerability

Fri, 08 Aug 2025 04:15:00 GMT

CVE-2025-8707 - Huuge Box App Improper Android Application Component Export Vulnerability

Fri, 08 Aug 2025 03:15:00 GMT

CVE-2025-8708 - Antabot White-Jotter Deserialization Vulnerability

Fri, 08 Aug 2025 03:15:00 GMT

CVE-2025-8706 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

Fri, 08 Aug 2025 02:15:00 GMT

CVE-2025-54886 - Skops Remote Code Execution Vulnerability

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-54887 - jwe JSON Web Encryption Authentication Tag Brute Force Vulnerability

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-8703 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-8704 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-8705 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-54793 - Astro Open Redirect Vulnerability

Fri, 08 Aug 2025 01:15:00 GMT

CVE-2025-54368 - "uv ZIP Archive Extraction Vulnerability"

Fri, 08 Aug 2025 00:15:00 GMT

CVE-2025-54952 - ExecuTorch Integer Overflow Code Execution Vulnerability

Fri, 08 Aug 2025 00:15:00 GMT

CVE-2025-8702 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

Fri, 08 Aug 2025 00:15:00 GMT

Data leak at Optic 2000

Fri Aug 08 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-54951 - ExecuTorch Buffer Overflow Vulnerabilities

Thu, 07 Aug 2025 23:15:00 GMT

CVE-2025-54949 - ExecuTorch Heap Buffer Overflow Vulnerability

Thu, 07 Aug 2025 23:15:00 GMT

CVE-2025-54950 - Oracle ExecuTorch Out-of-Bounds Access Code Execution

Thu, 07 Aug 2025 23:15:00 GMT

CVE-2025-30405 - ExecuTorch Integer Overflow Code Execution Vulnerability

Thu, 07 Aug 2025 23:15:00 GMT

CVE-2025-30404 - Apache ExecuTorch Integer Overflow Code Execution

Thu, 07 Aug 2025 23:15:00 GMT

CVE-2025-54787 - SuiteCRM Unauthenticated File Download Vulnerability

Thu, 07 Aug 2025 22:15:00 GMT

CVE-2025-53787 - Microsoft 365 Copilot BizChat Sensitive Data Exposure

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-53792 - Azure Portal Unauthenticated Remote Command Injection

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-8698 - Open5GS AMF Service Assertion Vulnerability

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-8701 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-45765 - Apache Ruby-JWT Weak Encryption Vulnerability

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-53767 - Azure OpenAI Privilege Escalation

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-53774 - Microsoft 365 Copilot BizChat Unauthenticated Data Exposure

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-26513 - EMC SAN Host Utilities Privilege Escalation Vulnerability

Thu, 07 Aug 2025 21:15:00 GMT

CVE-2025-48709 - BMC Control-M Cleartext Credentials Exposure Vulnerability

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-47183 - GStreamer Isomp4 Information Disclosure

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-47219 - GStreamer isomp4 Information Disclosure Vulnerability

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-47806 - GStreamer Subparse Buffer Overflow

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-47807 - GStreamer Subparse NULL Pointer Dereference Vulnerability

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-47808 - GStreamer Subparse NULL Pointer Dereference Vulnerability

Thu, 07 Aug 2025 20:15:00 GMT

CVE-2025-7195 - Operator-SDK Insecure User Setup Permissions Vulnerability

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2025-8697 - AgentUniverse MCPSessionManager/MCPTool/MCPToolkit Os Command Injection Vulnerability

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2025-50675 - GPMAW Unprivileged Privilege Escalation Vulnerability

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2025-50692 - FoxCMS Remote Code Execution Vulnerability

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2025-51533 - Sage DPW IDOR Vulnerability

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2025-55077 - Tyler Technologies ERP Pro 9 SaaS Privilege Escalation Command Injection

Thu, 07 Aug 2025 19:15:00 GMT

CVE-2023-41530 - "MediCare SQL Injection"

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41531 - Hospital Management System SQL Injection Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41532 - Medicore Hospital Management System SQL Injection

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2025-51629 - Eccobook PdfViewer XSS

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41521 - SAM System SQL Injection Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41522 - SAMSS SQL Injection Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41523 - SAMSS SQL Injection

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41524 - SAM System SQL Injection

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41525 - MedCare Hospital Management System SQL Injection

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41526 - "MediCare Hospital Management System SQL Injection Vulnerability"

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41527 - Medcare Hospital Management System SQL Injection

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41528 - "MediCare SQL Injection Vulnerability"

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41529 - "MediSys Hospital Management System Cross-Site Scripting Vulnerability"

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-40992 - Apache Hospital Management System SQL Injection Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41519 - SAM System Cross-Site Scripting Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2023-41520 - SAM System SQL Injection Vulnerability

Thu, 07 Aug 2025 18:15:00 GMT

CVE-2025-54397 - Netwrix Directory Manager Information Disclosure Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-55137 - Apache LinkJoin Authentication Bypass

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-55138 - LinkJoin Password Reset Token Ownership Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-34152 - "Aitemi M300 Wi-Fi Repeater OS Command Injection"

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-54392 - Netwrix Directory Manager Cross-Site Scripting

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-54393 - Netwrix Directory Manager Static Code Injection Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-54394 - Netwrix Directory Manager Insufficiently Protected Credentials Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-54395 - Netwrix Directory Manager XSS Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-54396 - Netwrix Directory Manager SQL Injection

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2024-42048 - OpenOrange Business Framework Privilege Escalation

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-24000 - WPExperts Post SMTP Authentication Bypass

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-34148 - Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-34149 - Shenzhen Aitemi M300 Wi-Fi Repeater WPA2 Command Injection

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-34150 - Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Command Injection Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2025-34151 - Shenzhen Aitemi M300 Wi-Fi Repeater Command Injection Vulnerability

Thu, 07 Aug 2025 17:15:00 GMT

CVE-2024-56339 - IBM WebSphere Application Server Bypass of Security Restrictions Vulnerability

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-44779 - Ollama File Deletion Remote Code Execution

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-47907 - Apache Cassandra Rows QueryLogic Race Condition

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-55133 - Agora Foundation Agora Cross-Site Scripting (XSS)

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-55134 - "Agora Foundation Agora XSS Injection Vulnerability"

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-55135 - Agora Foundation Agora XSS via SVG Profile Picture

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-55136 - ERC Insecure Deserialization Vulnerability

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-7054 - Cloudflare Quiche Infinite QUIC Connection ID Retirement Loop Vulnerability

Thu, 07 Aug 2025 16:15:00 GMT

CVE-2025-47188 - Mitel SIP Phones Command Injection Vulnerability

Thu, 07 Aug 2025 15:15:00 GMT

CVE-2025-50952 - OpenJPEG NULL Pointer Dereference Vulnerability

Thu, 07 Aug 2025 15:15:00 GMT

CVE-2024-52680 - EyouCMS Cross Site Scripting Vulnerability

Thu, 07 Aug 2025 14:15:00 GMT

CVE-2024-55401 - 4C Strategies Exonaut Directory Traversal Vulnerability

Thu, 07 Aug 2025 14:15:00 GMT

CVE-2025-8533 - Fantastical XPC Services Unauthenticated Remote Code Execution

Thu, 07 Aug 2025 10:15:00 GMT

CVE-2025-29866 - TAGFREE X-Free Uploader Path Traversal Vulnerability

Thu, 07 Aug 2025 06:15:00 GMT

CVE-2025-35970 - SEIKO EPSON and FUJIFILM SNMP Guessable Administrator Password Vulnerability

Thu, 07 Aug 2025 06:15:00 GMT

CVE-2025-32094 - Akamai Ghost HTTP Request Smuggling Vulnerability

Thu, 07 Aug 2025 05:15:00 GMT

CVE-2025-29865 - TAGFREE X-Free Uploader Path Traversal Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8576 - "Google Chrome Extensions Use After Free Heap Corruption Vulnerability"

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8577 - Google Chrome Picture In Picture UI Spoofing Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8578 - Google Chrome Use After Free Heap Corruption Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8579 - Google Chrome Picture In Picture UI Spoofing Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8580 - Google Chrome Filesystems UI Spoofing Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8581 - Google Chrome Extensions Cross-Origin Data Leakage

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8582 - Google Chrome URL Bar Spoofing Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-8583 - Google Chrome Permissions UI Spoofing Vulnerability

Thu, 07 Aug 2025 02:15:00 GMT

CVE-2025-3770 - EDK2 BIOS Bootkit Execution

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54783 - SuiteCRM Reflected Cross-Site Scripting (XSS)

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54784 - SuiteCRM Cross Site Scripting (XSS) Vulnerability

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54798 - tmp Node.js Symbolic Link Directory Write Vulnerability

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54799 - Lego ACME Library HTTP to HTTPS Enforcement Weakness

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54882 - Microsoft Azure Entra ID and Intune Himmelblau World Readable Kerberos Credential Cache

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54885 - Thinbus Javascript Secure Remote Password SRP6a Protocol Compliance Bug

Thu, 07 Aug 2025 01:15:00 GMT

CVE-2025-54788 - SuiteCRM InboundEmail SQL Injection Vulnerability

Thu, 07 Aug 2025 00:15:00 GMT

CVE-2025-54785 - SuiteCRM PHP Object Injection Vulnerability

Thu, 07 Aug 2025 00:15:00 GMT

CVE-2025-54786 - SuiteCRM Broken Authentication in iCal Service

Thu, 07 Aug 2025 00:15:00 GMT

CVE-2023-3194 - CVE-2022-1234: Apache Struts Remote Code Execution

Wed, 06 Aug 2025 23:15:00 GMT

CVE-2025-8086 - Apache HTTP Server Remote Code Execution Vulnerability

Wed, 06 Aug 2025 23:15:00 GMT

CVE-2025-7770 - Tigo Energy CCA Predictable Session ID Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-7768 - Tigo Energy CCA Hard-Coded Credentials Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-7769 - Tigo Energy CCA Command Injection Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-6634 - Autodesk 3ds Max Memory Corruption Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51052 - Vedo Suite Path Traversal Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51053 - Vedo Suite Cross-site Scripting (XSS)

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51054 - Vedo Suite Authentication Bypass

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51055 - Vedo Suite Insecure Data Storage Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51056 - Vedo Suite Unrestricted File Upload RCE

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51057 - Vedo Suite LFI Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-51058 - Bottinelli Informatical Vedo Suite SSRF

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-6632 - Autodesk 3ds Max Out-of-Bounds Read

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-6633 - Autodesk 3ds Max Out-of-Bounds Write Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2024-55398 - 4C Strategies Exonaut Insecure Permissions Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2024-55399 - 4C Strategies Exonaut SSRF

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2024-55402 - 4C Strategies Exonaut Authentication Bypass Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-46660 - 4C Strategies Exonaut Hashing Without Salt Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-47908 - Apache Middleware Denial of Service Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-50740 - AutoConnect Arduino Library XSS Vulnerability

Wed, 06 Aug 2025 21:15:00 GMT

CVE-2025-38746 - Dell SupportAssist OS Recovery Exposure of Sensitive Information to an Unauthorized Actor

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-38747 - Dell SupportAssist Elevation of Privileges Vulnerability

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-45764 - jsrsasign RSA Key Encryption Weakness

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-45766 - Poco Weak Encryption Vulnerability

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-46659 - "4C Strategies Exonaut External HTTPS Information Disclosure"

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-51624 - Zone Bitaqati Cross-Site Scripting (XSS)

Wed, 06 Aug 2025 20:15:00 GMT

CVE-2025-8130 - Apache Struts Command Injection Vulnerability

Wed, 06 Aug 2025 19:15:00 GMT

CVE-2025-8667 - SkyworkAI DeepResearchAgent OS Command Injection Vulnerability

Wed, 06 Aug 2025 18:15:00 GMT

CVE-2025-20215 - Cisco Webex Meetings Unauthenticated Meeting-Join Vulnerability

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2025-20331 - Cisco ISE/Cisco ISE-PIC Stored XSS Vulnerability

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2025-20332 - Cisco ISE HTTP Request Forgery (Remote Code Execution)

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2025-30127 - Marbella KR8s Dashcam FF Information Disclosure and File Access Vulnerability

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2025-8419 - Keycloak SMTP Injection Vulnerability

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2025-8665 - Agno-agi Agno Os Command Injection Vulnerability

Wed, 06 Aug 2025 17:15:00 GMT

CVE-2024-8244 - Go filepath Symbolic Link TOCTOU

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-48393 - Eaton Firmware Man-in-the-Middle Attack Vulnerability

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-48394 - Eaton File Traversal Vulnerability

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-51531 - Sage DPW Reflected Cross-Site Scripting (XSS)

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-51532 - Sage DPW Unauthenticated Access Control Bypass Vulnerability

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-53786 - Microsoft Exchange Server Hybrid Deployment Authentication Bypass Vulnerability

Wed, 06 Aug 2025 16:15:00 GMT

CVE-2025-50234 - MCCMS SSRF Flaw

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-50286 - Grav CMS Remote Code Execution

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-51040 - Electrolink FM/DAB/TV Transmitter Web Unauthorized Access

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-51306 - Gatling Enterprise Session Token Expired

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-51308 - Gatling Enterprise Information Disclosure Vulnerability

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2024-52885 - Fortinet Mobile Access Portal Directory Traversal Vulnerability

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-2028 - Apache Log4j Country Flag IP Information Disclosure

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-36020 - IBM Guardium Data Protection Cleartext Credential Disclosure

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-50233 - QCMS File Inclusion Vulnerability

Wed, 06 Aug 2025 15:15:00 GMT

CVE-2025-3320 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability

Wed, 06 Aug 2025 14:15:00 GMT

CVE-2025-3354 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability

Wed, 06 Aug 2025 14:15:00 GMT

CVE-2025-8616 - OpenText Advanced Authentication Browser Plugin Authentication Bypass

Wed, 06 Aug 2025 14:15:00 GMT

CVE-2025-23325 - NVIDIA Triton Inference Server Recursion Denial of Service

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23326 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23327 - NVIDIA Triton Inference Server Integer Overflow Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23331 - NVIDIA Triton Inference Server Denial of Service (DoS)

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23333 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23334 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23335 - NVIDIA Triton Inference Server Denial of Service Underflow

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23310 - NVIDIA Triton Inference Server Stack Buffer Overflow Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23311 - NVIDIA Triton Inference Server Stack Overflow Remote Code Execution Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23317 - NVIDIA Triton Inference Server HTTP Server Remote Code Execution Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23318 - NVIDIA Triton Inference Server Python Backend Out-of-Bounds Write

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23319 - NVIDIA Triton Inference Server Python Backend Out-of-Bounds Write Remote Code Execution Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23320 - NVIDIA Triton Inference Server Memory Information Disclosure

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23321 - NVIDIA Triton Inference Server Divide by Zero Denial of Service

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23322 - NVIDIA Triton Inference Server Double Free Denial of Service Vulnerability

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23323 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-23324 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

Wed, 06 Aug 2025 13:15:00 GMT

CVE-2025-5197 - Hugging Face Transformers ReDoS Vulnerability

Wed, 06 Aug 2025 12:15:00 GMT

CVE-2025-46388 - Apache HTTP Server Information Disclosure

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-46389 - Microsoft Azure Active Directory Password Change

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-46390 - Apache Web Server HTTP Response Manipulation Vulnerability

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-46391 - Apache HTTP Server Authentication Bypass

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-46386 - Apache Struts Authentication Bypass

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-46387 - Apache Struts SSRF

Wed, 06 Aug 2025 11:15:00 GMT

CVE-2025-22469 - Siemens SIMATIC S7-1200 OS Command Injection Vulnerability

Wed, 06 Aug 2025 10:15:00 GMT

CVE-2025-22470 - Siemens SIMATIC CL4/6NX Plus Lua File Execution Vulnerability

Wed, 06 Aug 2025 10:15:00 GMT

CVE-2025-6013 - Vault LDAP MFA Enforcement Weakness

Wed, 06 Aug 2025 10:15:00 GMT

CVE-2025-7771 - "ThrottleStop.sys Kernel Memory Access Vulnerability"

Wed, 06 Aug 2025 10:15:00 GMT

CVE-2025-8620 - GiveWP Information Exposure Vulnerability

Wed, 06 Aug 2025 10:15:00 GMT

CVE-2025-7202 - Elgato Key Lights CSRF Vulnerability

Wed, 06 Aug 2025 09:15:00 GMT

CVE-2025-8556 - CIRCL FourQ Elliptic Curve Diffie-Hellman Key Exchange Session Compromise

Wed, 06 Aug 2025 09:15:00 GMT

CVE-2025-27066 - "Qualcomm Wi-Fi ANQP Message Processing Denial of Service"

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27067 - Intel Graphics Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27068 - Apache ExoPlayer IOCTL Memory Corruption

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27069 - Citrix Hypervisor Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27071 - Powerline Communication Firmware Buffer Overflow

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27072 - Cisco EAVB Header Length Information Disclosure Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27073 - Cisco Nexus Series: Denial of Service Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27075 - Qualcomm Bluetooth Host Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27076 - Citrix NetScaler Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-47324 - D-Link Powerline Information Disclosure Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-7954 - Shopware Voucher System Race Condition

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21465 - Cisco Networking Equipment Information Disclosure

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21472 - Citrix eSE Debug Information Disclosure Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21473 - Cisco Camera Data Mover (CDM) Register Write Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21474 - Samsung Android A2dp Sink Command Queue Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21477 - Oracle NetWare CCCH Data Handling Denial of Service Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27062 - Apache Kafka Deserialization Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-27065 - Cisco Security Appliance Denial of Service

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21452 - Nokia LTE Network Transient Denial of Service

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21455 - Apache HTTP Server Kernel Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21456 - Microsoft Windows Kernel IOCTL Buffer Overflow

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21457 - Apache Fasta RPC Information Disclosure Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21458 - Apache Cassandra Use-After-Free Buffer Overflow

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21461 - Qualcomm Snapdragon CDM Register Programming Memory Corruption Vulnerability

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-21464 - Apache ImageMagick Out-of-Bounds Read Information Disclosure

Wed, 06 Aug 2025 08:15:00 GMT

CVE-2025-20990 - Western Digital External Hard Drive Device Node Access Control Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21010 - SamsungAccount Privilege Escalation Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21011 - Samsung Galaxy Watch Unauthenticated Sensor Data Exposure

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21012 - Samsung Galaxy Watch Fall Detection Access Control Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21013 - Samsung Galaxy Watch SemSensorManager Access Control Bypass

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21014 - Android Emergency SoS Component Export Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21015 - Acme Document Scanner Path Traversal Vulnerability (Local File Deletion)

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21016 - PkgPredictorService Android Improper Access Control Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21017 - Blockchain Keystore Out-of-bounds Write Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21018 - Blockchain Keystore OOB Read Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21019 - Samsung Health Authorization Bypass Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21020 - Blockchain Keystore OOB Write Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21021 - Blockchain Keystore Out-of-Bounds Write Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21022 - Galaxy Wearable Information Disclosure Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21023 - Samsung Galaxy Watch Local File Access Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-21024 - Android Smart View Implicit Intent Information Disclosure Vulnerability

Wed, 06 Aug 2025 05:15:00 GMT

CVE-2025-55023 - Fortinet SSL/TLS Weakness

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55024 - Apache HTTP Server Authentication Bypass

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55025 - Apache HTTP Server Unvalidated User Input

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55026 - Apache HTTP Server Unvalidated User Input

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-6994 - Smartdatasoft WordPress Reveal Listing Plugin Privilege Escalation

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-7399 - Elementor Stored Cross-Site Scripting in Betheme Theme for WordPress

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-7498 - Elementor Exclusive Addons Stored Cross-Site Scripting

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-8100 - Elementor Addons and Templates Stored Cross-Site Scripting

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54640 - Apache Flink Deserialization ParcelMismatch Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54641 - Apache Kernel Buffer Overflow Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54642 - Qualcomm Snapdragon kernel gyroscope buffer overflow vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54643 - Apache Ambient Light Module Array Out-of-Bounds Information Disclosure

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54644 - Apache Ambient Light Kernel Memory Corruption

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54645 - Apache Location Service Array Index Out-of-Bounds Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54646 - Qualcomm BLE Packet Length Overflow Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54647 - NearLink SSAP Out-of-bounds Read Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54648 - NearLink SSAP Out-of-bounds Read Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54649 - Google Location Service Type Confusion Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54650 - Cisco Audio Codec Array Index Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-54651 - HuFS Kernel Race Condition Confidentiality Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55019 - Apache HTTP Server Cross-Site Request Forgery

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55020 - Apache Struts Deserialization Vulnerability

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55021 - Apache HTTP Server Denial of Service

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-55022 - Apache HTTP Server Cross-Site Request Forgery

Wed, 06 Aug 2025 04:16:00 GMT

CVE-2025-8632 - Kenwood DMX958XR Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8633 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8634 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8635 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8636 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8637 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8638 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8639 - Kenwood DMX958XR Root Command Injection Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8640 - Kenwood DMX958XR Root Command Injection Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8641 - Kenwood DMX958XR Firmware Update Root Command Injection Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8642 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8643 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8644 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8645 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8646 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8647 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8648 - Kenwood DMX958XR Root Command Injection Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8649 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8650 - Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8651 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8652 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8653 - Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8654 - Kenwood DMX958XR Command Injection Remote Code Execution Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8655 - Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-8656 - Kenwood DMX958XR Software Downgrade Vulnerability

Wed, 06 Aug 2025 02:15:00 GMT

CVE-2025-32430 - XWiki Platform Cross-Site Scripting (XSS) Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54124 - XWiki Platform Password Hash Disclosure Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54125 - XWiki Platform XML Export Information Disclosure Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54571 - ModSecurity HTTP Response Content-Type Header Hijacking Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54594 - React Native Bottom Tabs GitHub Actions Code Execution

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54801 - Fiber Ctx.BodyParser Slice Index Overflow/Exhaustion Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54869 - FPDI PDF DoS Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54872 - Onion-Site-Template Tor Image Exposure Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54873 - RISC Zero RISC-V Arithmetic Overflow/Underflow

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54876 - Janssen Project PlainText Password Storage Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54879 - Mastodon LDAP Rate Limiting Email Confirmation Path Bypass Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54883 - Vision UI Security Kit Cryptographic Weakness

Wed, 06 Aug 2025 00:15:00 GMT

CVE-2025-54884 - Vision UI Denial of Service Vulnerability

Wed, 06 Aug 2025 00:15:00 GMT

Data leak at Bouygues Telecom

Wed Aug 06 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-8571 - Concrete CMS Reflected Cross-Site Scripting (XSS)

Tue, 05 Aug 2025 23:15:00 GMT

CVE-2025-8573 - Concrete CMS Stored XSS on Members Dashboard

Tue, 05 Aug 2025 23:15:00 GMT

CVE-2025-52237 - SSCMS Directory Traversal Vulnerability

Tue, 05 Aug 2025 21:15:00 GMT

CVE-2025-53534 - RatPanel Remote Code Execution and Unauthorized Access Vulnerability

Tue, 05 Aug 2025 21:15:00 GMT

CVE-2013-10067 - Glossword Remote Code Execution (RCE) Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10068 - Foxit Reader Plugin Stack-Based Buffer Overflow Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10069 - D-Link Router OS Command Injection Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10070 - Apache PHP-Charts PHP Code Execution Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2014-125113 - Dell KACE K1000 System Management Appliance Unrestricted File Upload Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2025-50592 - Seacms Cross Site Scripting Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2025-51541 - Shopware Stored XSS Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2025-52078 - Writebot AI Content Generator SaaS File Upload Privilege Escalation Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10024 - XBMC HTTP Server Path Traversal Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10025 - WordPress Advanced Custom Fields RFI Remote Code Execution

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10026 - WordPress Asset-Manager Unauthenticated Remote Code Execution Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10027 - WordPress WP-Property Unauthenticated Remote File Upload Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10028 - Netwin SurgeFTP Command Injection

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10029 - Nagios XI Command Injection Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10030 - FreeFloat FTP Server Remote Code Execution Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10031 - BlazeVideo HDTV Player Pro Stack-Based Buffer Overflow

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10032 - Maxthon Cross Context Scripting Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10033 - Narcissus PHP Remote Code Execution Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10034 - ClanSphere File Inclusion Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10035 - Turbo FTP Server Buffer Overflow Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10064 - ActFax Server Buffer Overflow Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10065 - Sysax Multi-Server SSH Denial-of-Service Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2013-10066 - Kordil EDMS File Upload Remote Code Execution

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2012-10023 - FreeFloat FTP Server Stack-Based Buffer Overflow Vulnerability

Tue, 05 Aug 2025 20:15:00 GMT

CVE-2025-45512 - DENX Software Engineering Das U-Boot Bootloader Firmware Signature Verification Bypass

Tue, 05 Aug 2025 19:15:00 GMT

CVE-2025-50454 - Blue Access Cobalt X1 Authentication Bypass Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-50688 - Apache TwistedWeb Command Injection Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-51060 - CPUID cpuz.sys MSR LSTAR Hijacking Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-51627 - Agenzia Impresa Eccobook CaricaVerbale Privilege Escalation Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-51628 - Eccobook PdfHandler IDOR Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-51857 - Halo XSS Vulnerability in AttachmentReconciler Class

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-8586 - Libav MPEG File Parser Null Pointer Dereference Vulnerability

Tue, 05 Aug 2025 18:15:00 GMT

CVE-2025-43978 - Jointelli 5G CPE OS Command Injection Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-43980 - FIRSTNUM JC21A-04 Default SSH Credentials Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-54253 - Adobe Experience Manager Code Execution Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-54254 - Adobe Experience Manager XXE File System Read Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-7674 - Roche Diagnostics navify Monitoring Denial of Service (DoS) Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-8584 - Libav AVI File Parser Null Pointer Dereference Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-8585 - Libav DSS File Demuxer Double Free Vulnerability

Tue, 05 Aug 2025 17:15:00 GMT

CVE-2025-43979 - FIRSTNUM JC21A-04 Command Injection Vulnerability

Tue, 05 Aug 2025 16:15:00 GMT

CVE-2025-46658 - 4C Strategies Exonaut ExonautWeb Information Disclosure

Tue, 05 Aug 2025 16:15:00 GMT

CVE-2025-27931 - PDF-XChange Editor Out-of-Bounds Read Vulnerability

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-29745 - Emsisoft Anti-Malware Net-NTLMv2 Hash Information Disclosure

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-2611 - ICTBroadcast Unauthenticated Remote Code Execution

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-44964 - BlueStacks SSL Certificate Validation Weakness - Man-in-the-Middle

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-46958 - Adobe Experience Manager Stored Cross-Site Scripting (XSS)

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-47152 - PDF-XChange Editor Out-of-Bounds Read Vulnerability

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-50706 - Apache ThinkPHP Remote Code Execution Vulnerability

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-50707 - ThinkPHP3 Remote Code Execution Vulnerability

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2025-54874 - OpenJPEG Out-of-Bounds Heap Memory Write

Tue, 05 Aug 2025 15:15:00 GMT

CVE-2024-52890 - IBM Engineering Lifecycle Optimization Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 14:15:00 GMT

CVE-2025-7025 - Rockwell Automation Arena Out-of-Bounds Memory Access Vulnerability

Tue, 05 Aug 2025 14:15:00 GMT

CVE-2025-7032 - Rockwell Automation Arena Memory Corruption Vulnerability

Tue, 05 Aug 2025 14:15:00 GMT

CVE-2025-7033 - Rockwell Automation Arena Memory Corruption Vulnerability

Tue, 05 Aug 2025 14:15:00 GMT

CVE-2025-54948 - Trend Micro Apex One Remote Code Execution

Tue, 05 Aug 2025 13:15:00 GMT

CVE-2025-54987 - Trend Micro Apex One Remote Code Execution Vulnerability

Tue, 05 Aug 2025 13:15:00 GMT

CVE-2025-8555 - Atjiu Pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 10:15:00 GMT

CVE-2025-8553 - Atjiu Pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 09:15:00 GMT

CVE-2025-8554 - Atjiu Pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 09:15:00 GMT

CVE-2025-6207 - WordPress Import Export Lite Plugin File Upload Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-8294 - WordPress Download Counter Stored Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-8295 - WordPress Employee Directory Stored Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-8551 - Atjiu Pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-8552 - Atjiu Pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-2810 - Apache Key Exposure

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-41698 - Apache HTTP Server Command Injection Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-5061 - WordPress Import Export Lite Plugin Arbitrary File Upload Vulnerability

Tue, 05 Aug 2025 08:15:00 GMT

CVE-2025-7050 - Google Drive plugin for WordPress Stored Cross-Site Scripting

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-8313 - WordPress Campus Directory Stored Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-8315 - WordPress WP Easy Contact Stored Cross-Site Scripting

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-8548 - Atjiu Pybbs Registered Email Handler Information Exposure Vulnerability

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-8549 - Atjiu Pybbs Password Weakness

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-8550 - atjiu pybbs Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 07:15:00 GMT

CVE-2025-54982 - Zscaler SAML Authentication Signature Forgery

Tue, 05 Aug 2025 06:15:00 GMT

CVE-2025-8547 - Atjiu Pybbs Email Verification Handler Remote Authorization Bypass Vulnerability

Tue, 05 Aug 2025 06:15:00 GMT

CVE-2025-54868 - LibreChat Meilisearch Engine Information Disclosure

Tue, 05 Aug 2025 05:15:00 GMT

CVE-2025-8544 - Portabilis i-Educar Cross Site Scripting Vulnerability

Tue, 05 Aug 2025 05:15:00 GMT

CVE-2025-8545 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 05:15:00 GMT

CVE-2025-8546 - Atjiu Pybbs Captcha Guessing Vulnerability (Remote)

Tue, 05 Aug 2025 05:15:00 GMT

CVE-2025-8542 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-8543 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54980 - Adobe Flash Player Arbitrary Command Execution

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54978 - Apache HTTP Server HTTP Header Injection

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54979 - Apache HTTP Server Unvalidated User Input

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54974 - Apache HTTP Server Denial of Service

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54975 - Apache HTTP Server Cross-Site Request Forgery

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54976 - Apache HTTP Server Unvalidated User Input Leads to Remote Command Execution

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-54977 - Microsoft Azure Storage Rejected Reason

Tue, 05 Aug 2025 04:16:00 GMT

CVE-2025-53417 - DIAView Directory Traversal Information Disclosure Vulnerability

Tue, 05 Aug 2025 03:15:00 GMT

CVE-2025-8540 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 03:15:00 GMT

CVE-2025-8541 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 03:15:00 GMT

CVE-2025-8539 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 02:15:00 GMT

CVE-2025-54865 - Tilesheets MediaWiki SQL Injection Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54870 - VTun-ng Blowfish-256 Plaintext Reversion Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54871 - Electron TCC Bypass

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-8535 - Cronoh NanoVault XSS Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-8537 - Axiomatic Bento4 AP4_DataBuffer Buffer Overflow

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-8538 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54803 - js-toml Prototype Pollution Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54804 - Russh SSH Integer Overflow Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54780 - GLPI Screenshot Plugin File Disclosure and PHP Wrapper Abuse

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54794 - Claude Code Directory Traversal Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54795 - Claude Code Command Injection Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54802 - pyLoad Path Traversal RCE

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-52892 - EspoCRM Double Slash URL Vulnerability (Cache Corruption)

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-53544 - Trilium Notes Unauthenticated Brute-Force Protection Bypass Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54119 - ADOdb SQLite3 SQL Injection Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54130 - Cursor Dotfile File Write RCE Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54135 - Cursor Unapproved File Writing and RCE Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54387 - IPX Path Prefix Bypass Vulnerability

Tue, 05 Aug 2025 01:15:00 GMT

CVE-2025-54797 - Apache Struts Remote Code Execution

Tue, 05 Aug 2025 00:15:00 GMT

CVE-2025-8534 - Libtiff tiff2ps PS_Lvl2page Null Pointer Dereference Vulnerability

Tue, 05 Aug 2025 00:15:00 GMT

Data leak at Pandora

Tue Aug 05 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-8530 - Elunez Eladmin Druid Default Credentials Vulnerability

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-46093 - LiquidFiles FTP SETUID Setgid Remote Command Execution

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-46094 - LiquidFiles Arbitrary File Upload Vulnerability

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-8529 - CloudFavorites Favorites-Web SSRF Vulnerability

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-27211 - EdgeMAX EdgeSwitch Command Injection Vulnerability

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-27212 - Ubiquiti UniFi Access Command Injection Vulnerability

Mon, 04 Aug 2025 23:15:00 GMT

CVE-2025-4599 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-4604 - Liferay Portal/Captcha Bypass Remote Code Execution

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-54554 - Tera Insights tiCrypt Information Disclosure

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-7844 - TPM 2.0 Stack Buffer Overflow

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-8527 - Exrick xboot Swagger Server-Side Request Forgery (SSRF) Vulnerability

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-8528 - Exrick xboot Exposed Sensitive Information Cookie Storage

Mon, 04 Aug 2025 22:15:00 GMT

CVE-2025-50341 - Axelor SQL Injection Vulnerability

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-50754 - Unisite CMS Stored XSS

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-51387 - GitKraken Desktop Node.js Code Injection Vulnerability

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-51726 - CyberGhost VPN Weak SHA-1 Signing and Predictable ASLR Vulnerability

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-8525 - Exrick xboot Information Disclosure Vulnerability

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-8526 - Exrick xBoot Unrestricted File Upload Vulnerability

Mon, 04 Aug 2025 21:15:00 GMT

CVE-2025-50340 - SOGo Webmail IDOR Email Spoofing

Mon, 04 Aug 2025 20:15:00 GMT

CVE-2025-55014 - Youdao StarDict X11 Selection Information Disclosure

Mon, 04 Aug 2025 20:15:00 GMT

CVE-2025-8523 - RiderLike Fruit Crush-Brain App Android Component Export Vulnerability

Mon, 04 Aug 2025 20:15:00 GMT

CVE-2025-8524 - Boquan DotWallet Android AndroidManifest.xml Component Export Vulnerability

Mon, 04 Aug 2025 20:15:00 GMT

CVE-2025-8522 - Givanz Vvvebjs Node.js File Path Traversal Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-21120 - Dell Avamar HTTP Permission Methods Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-26476 - Dell ECS Hard-coded Cryptographic Key Unauthorized Access Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-38741 - Dell Enterprise SONiC OS SSH Cryptographic Key Exposure Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-52239 - ZKEACMS File Upload Code Execution Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-53394 - Macrium Reflect Remote Code Execution Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-53395 - Macrium Reflect DLL Loading Vulnerability (Local Privilege Escalation)

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-8521 - Givanz Vvveb Add Type Handler Cross-Site Scripting Vulnerability

Mon, 04 Aug 2025 19:15:00 GMT

CVE-2025-8520 - Givanz Vvveb SSRF Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2013-10052 - ZPanel Sudo Privilege Escalation Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2013-10054 - LibrettoCMS Unauthenticated Remote Code Execution File Upload Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2024-45183 - Samsung Exynos JPEG Length Check Vulnerability (Buffer Overflow)

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2025-34147 - Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2025-46206 - Artifex mupdf Denial of Service (DoS) Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2025-51390 - TOTOLINK N600R Command Injection Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2025-8519 - Givanz Vvveb Drag-and-Drop Editor Information Disclosure Vulnerability

Mon, 04 Aug 2025 18:15:00 GMT

CVE-2025-50420 - Poppler PDF Denial of Service

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-50422 - Poppler PDF Memory Leak Information Disclosure

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-51534 - Austrian Archaeological Institute (AI) OpenAtlas Cross-Site Scripting (XSS)

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-51535 - Austrian Archaeological Institute OpenAtlas SQL Injection Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-8518 - Givanz Vvveb Code Editor Remote Code Injection Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44954 - RUCKUS SmartZone SSH Private Key Hardcoded Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44957 - Ruckus SmartZone Authentication Bypass Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44958 - RUCKUS Network Director Unencrypted Password Storage Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44960 - RUCKUS SmartZone OS Command Injection Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44961 - RUCKUS SmartZone OS Command Injection

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44962 - RUCKUS SmartZone Directory Traversal Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-44963 - RUCKUS Network Director JWT Spoofing Vulnerability

Mon, 04 Aug 2025 17:15:00 GMT

CVE-2025-38739 - Dell Digital Delivery Insufficiently Protected Credentials Information Disclosure

Mon, 04 Aug 2025 16:15:00 GMT

CVE-2025-44955 - RUCKUS Network Director (RND) Hardcoded Password Root Access

Mon, 04 Aug 2025 16:15:00 GMT

CVE-2025-5988 - Ansible aap-gateway CSRF Vulnerability

Mon, 04 Aug 2025 16:15:00 GMT

CVE-2025-8516 - Kingdee Cloud-Starry-Sky Enterprise Edition IIS-K3CloudMiniApp Remote Path Traversal Vulnerability

Mon, 04 Aug 2025 16:15:00 GMT

CVE-2025-8517 - Givanz Vvveb Session Fixation Vulnerability

Mon, 04 Aug 2025 16:15:00 GMT

CVE-2025-26065 - Intelbras RX1500 RX3000 XSS

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-30096 - Dell PowerProtect Data Domain DD OS OS Command Injection

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-30097 - Dell PowerProtect Data Domain OS Command Injection

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-30098 - Dell PowerProtect Data Domain DD OS OS Command Injection

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-30099 - Dell PowerProtect Data Domain OS Command Injection

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-36594 - Dell PowerProtect Data Domain DD OS Authentication Bypass by Spoofing Vulnerability

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-44643 - Draytek AP Series Insecure Permissions Weak Password Vulnerability

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-51536 - AI OpenAtlas Hardcoded Administrator Password Vulnerability

Mon, 04 Aug 2025 15:15:00 GMT

CVE-2025-36604 - Dell Unity OS Command Injection

Mon, 04 Aug 2025 14:15:00 GMT

CVE-2025-36605 - Dell Unity Cross-site Scripting Vulnerability

Mon, 04 Aug 2025 14:15:00 GMT

CVE-2025-36606 - Dell Unity OS Command Injection Vulnerability

Mon, 04 Aug 2025 14:15:00 GMT

CVE-2025-36607 - Dell Unity OS Command Injection Vulnerability

Mon, 04 Aug 2025 14:15:00 GMT

CVE-2025-8109 - NVIDIA GPU Origin Read-Only Memory Write Vulnerability

Mon, 04 Aug 2025 14:15:00 GMT

CVE-2025-8515 - Intelbras InControl JSON Endpoint Information Disclosure

Mon, 04 Aug 2025 11:15:00 GMT

CVE-2025-0932 - Arm Ltd Bifrost GPU Userspace Driver/Arm Ltd Valhall GPU Userspace Driver/Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver: After Free Information Disclosure

Mon, 04 Aug 2025 10:15:00 GMT

CVE-2025-6204 - DELmia Apriso Code Injection Vulnerability

Mon, 04 Aug 2025 10:15:00 GMT

CVE-2025-6205 - DELmia Apriso Authorization Bypass Vulnerability

Mon, 04 Aug 2025 10:15:00 GMT

CVE-2025-8341 - Grafana Infinity Datasource URL Bypass Vulnerability

Mon, 04 Aug 2025 09:15:00 GMT

CVE-2025-41659 - CODESYS Control PKI Folder Remote Access Vulnerability

Mon, 04 Aug 2025 08:15:00 GMT

CVE-2025-41691 - Siemens CODESYS Control Remote NULL Pointer Dereference Vulnerability

Mon, 04 Aug 2025 08:15:00 GMT

CVE-2025-41658 - CODESYS Runtime Toolkit File Permission Vulnerability (Information Disclosure)

Mon, 04 Aug 2025 08:15:00 GMT

CVE-2025-20700 - Airoha Bluetooth Audio SDK Privilege Escalation Vulnerability

Mon, 04 Aug 2025 07:15:00 GMT

CVE-2025-20701 - Airoha Bluetooth Audio SDK Remote Privilege Escalation Vulnerability

Mon, 04 Aug 2025 07:15:00 GMT

CVE-2025-20702 - Airoha Bluetooth RACE Protocol Privilege Escalation Vulnerability

Mon, 04 Aug 2025 07:15:00 GMT

CVE-2025-48499 - Fujifilm Business Innovation MFP Denial-of-Service Out-of-Bounds Write Vulnerability

Mon, 04 Aug 2025 06:15:00 GMT

CVE-2025-20696 - Dell Authentication Agent Out-of-Bounds Write Vulnerability

Mon, 04 Aug 2025 02:15:00 GMT

CVE-2025-20697 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation

Mon, 04 Aug 2025 02:15:00 GMT

CVE-2025-20698 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation

Mon, 04 Aug 2025 02:15:00 GMT

CVE-2025-54962 - OpenPLC Runtime File Upload Vulnerability

Mon, 04 Aug 2025 02:15:00 GMT

CVE-2025-54956 - Gh R Unauthorized Information Disclosure

Sun, 03 Aug 2025 18:15:00 GMT

CVE-2025-8513 - Caixin News App Android Android Application Component Export Vulnerability

Sun, 03 Aug 2025 15:15:00 GMT

CVE-2025-8511 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 14:15:00 GMT

CVE-2025-8512 - TVB Big Big Shop App Android Android Application Component Export Vulnerability

Sun, 03 Aug 2025 14:15:00 GMT

CVE-2025-8509 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 13:15:00 GMT

CVE-2025-8510 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 13:15:00 GMT

CVE-2024-51775 - Apache Zeppelin Origin Validation Bypass WebSockets Vulnerability

Sun, 03 Aug 2025 11:15:00 GMT

CVE-2025-8508 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 11:15:00 GMT

CVE-2025-8507 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 10:15:00 GMT

CVE-2024-52279 - Apache Zeppelin JDBC URL Validation Bypass

Sun, 03 Aug 2025 10:15:00 GMT

CVE-2024-41177 - Apache Zeppelin Cross-Site Scripting (CWE-80)

Sun, 03 Aug 2025 10:15:00 GMT

CVE-2025-8506 - wx-shop Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 09:15:00 GMT

CVE-2025-8505 - wx-shop Cross-Site Request Forgery (CSRF) Vulnerability

Sun, 03 Aug 2025 08:15:00 GMT

CVE-2025-8504 - Code-Projects Kitchen Treasure File Upload Vulnerability

Sun, 03 Aug 2025 08:15:00 GMT

CVE-2025-8502 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Sun, 03 Aug 2025 07:15:00 GMT

CVE-2025-8503 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Sun, 03 Aug 2025 07:15:00 GMT

CVE-2025-8501 - Human Resource Integrated System Cross-Site Scripting Vulnerability

Sun, 03 Aug 2025 06:15:00 GMT

CVE-2025-8499 - Code-Projects Online Medicine Guide SQL Injection Vulnerability

Sun, 03 Aug 2025 05:15:00 GMT

CVE-2025-8500 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

Sun, 03 Aug 2025 05:15:00 GMT

CVE-2025-8498 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-8497 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-52131 - XWiki Mocca Calendar XSS

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-52132 - XWiki Mocca Calendar XSS Vulnerability

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-52133 - XWiki Mocca Calendar XSS

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-8496 - Projectworlds Online Admission System SQL Injection Vulnerability

Sun, 03 Aug 2025 04:15:00 GMT

CVE-2025-8495 - Code-projects Intern Membership Management System SQL Injection Vulnerability

Sun, 03 Aug 2025 02:15:00 GMT

CVE-2025-54351 - Iperf Buffer Overflow

Sun, 03 Aug 2025 02:15:00 GMT

CVE-2025-54349 - Iperf Heap-Based Buffer Overflow

Sun, 03 Aug 2025 02:15:00 GMT

CVE-2025-54350 - Iperf Base64Decode Assertion Failure Vulnerability

Sun, 03 Aug 2025 02:15:00 GMT

CVE-2025-54955 - OpenNebula FireEdge JWT Authentication Bypass

Sun, 03 Aug 2025 00:15:00 GMT

CVE-2025-8494 - Code-projects Intern Membership Management System SQL Injection Vulnerability

Sun, 03 Aug 2025 00:15:00 GMT

CVE-2025-23290 - NVIDIA vGPU Information Disclosure Vulnerability

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2025-8493 - Code-projects Intern Membership Management System SQL Injection Vulnerability

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2023-32253 - Linux Kernel ksmbd Deadlock Denial of Service Vulnerability

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2023-32255 - Linux Kernel ksmbd NTLMSSP Memory Leak

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2025-23284 - NVIDIA vGPU Stack Buffer Overflow Vulnerability

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2025-23285 - NVIDIA vGPU Denial of Service

Sat, 02 Aug 2025 23:15:00 GMT

CVE-2025-23283 - NVIDIA vGPU Virtual GPU Manager Stack Buffer Overflow

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23286 - NVIDIA GPU Display Driver Memory Disclosure Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23287 - NVIDIA GPU Display Driver Windows Information Disclosure

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23288 - NVIDIA GPU Display Driver for Windows Information Disclosure

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23278 - NVIDIA Display Driver Index Validation Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23279 - NVIDIA run Installer Privilege Escalation Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23281 - NVIDIA GPU Display Driver for Windows Use-After-Free Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23276 - NVIDIA Installer for Windows Privilege Escalation Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-23277 - NVIDIA Display Driver Kernel Mode Driver Out-of-Bounds Memory Access Vulnerability

Sat, 02 Aug 2025 22:15:00 GMT

CVE-2025-8471 - Projectworlds Online Admission System SQL Injection

Sat, 02 Aug 2025 19:15:00 GMT

CVE-2025-8470 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

Sat, 02 Aug 2025 18:15:00 GMT

CVE-2025-8469 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

Sat, 02 Aug 2025 17:15:00 GMT

CVE-2025-8468 - Code-projects Wazifa System SQL Injection Vulnerability

Sat, 02 Aug 2025 15:15:00 GMT

CVE-2025-7500 - WordPress Ocean Social Sharing Plugin Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 12:15:00 GMT

CVE-2025-7710 - Brave Conversion Engine WordPress Facebook Authentication Bypass

Sat, 02 Aug 2025 12:15:00 GMT

CVE-2025-8467 - Code-Projects Wazifa System SQL Injection Vulnerability

Sat, 02 Aug 2025 11:15:00 GMT

CVE-2025-8488 - Elementor Header Footer Builder Unauthorized Data Modification Vulnerability

Sat, 02 Aug 2025 10:15:00 GMT

CVE-2025-6722 - BitFire Security - WordPress Firewall, WAF, Bot/Spam Blocker, Login Security Sensitive Information Exposure

Sat, 02 Aug 2025 10:15:00 GMT

CVE-2025-6832 - WordPress All in One Time Clock Lite Reflected Cross-Site Scripting

Sat, 02 Aug 2025 09:15:00 GMT

CVE-2025-8391 - WordPress Magic Edge Lite Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 09:15:00 GMT

CVE-2025-8399 - WordPress Mmm Unity Loader Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 09:15:00 GMT

CVE-2025-8400 - WordPress Image Gallery Reflected Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 09:15:00 GMT

CVE-2025-8466 - Code-projects Online Farm System SQL Injection

Sat, 02 Aug 2025 09:15:00 GMT

CVE-2025-8212 - Elementor Medical Addon Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-8317 - WordPress Custom Word Cloud Stored Cross-Site Scripting

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-4588 - WordPress 360 Photo Spheres Plugin Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-6626 - ShortPixel Adaptive Images WordPress Stored Cross-Site Scripting Vulnerability

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-6754 - WordPress SEO Metrics Privilege Escalation

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-8152 - WordPress WP CTA - Call To Action Plugin Unauthenticated Data Modification Vulnerability

Sat, 02 Aug 2025 08:15:00 GMT

CVE-2025-8146 - Qi Addons For Elementor Stored Cross-Site Scripting

Sat, 02 Aug 2025 05:15:00 GMT

CVE-2025-7694 - WordPress Woffice Core Plugin File Deletion Vulnerability

Sat, 02 Aug 2025 04:15:00 GMT

CVE-2025-6076 - Partner Software's Partner Software and Partner Web application File Upload Privilege Escalation

Sat, 02 Aug 2025 03:15:00 GMT

CVE-2025-6077 - Partner Software's Partner Software Product and Web Application Default Administrator Credentials Vulnerability

Sat, 02 Aug 2025 03:15:00 GMT

CVE-2025-6078 - Partner Software's Partner Software Stored XSS Vulnerability

Sat, 02 Aug 2025 03:15:00 GMT

CVE-2025-54796 - Copyparty Denial of Service (DoS) Regular Expression Injection

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54790 - Apache Files SQL Injection

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54789 - Apache Files Cross-Site Scripting (XSS)

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54782 - Nest Devtools Integration Remote Code Execution Vulnerability

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54386 - Traefik WASM Plugin Path Traversal Vulnerability

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54781 - Microsoft Azure Entra ID/Intune Token Leak Vulnerability

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54133 - Cursor Model Context Protocol (MCP) UI Information Disclosure Vulnerability

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54136 - Cursor Remote Code Execution Vulnerability

Sat, 02 Aug 2025 00:15:00 GMT

CVE-2025-54792 - LocalSend Man-in-the-Middle Vulnerability

Fri, 01 Aug 2025 23:15:00 GMT

CVE-2025-54131 - Cursor Command Injection Bypass

Fri, 01 Aug 2025 23:15:00 GMT

CVE-2025-54132 - Cursor Mermaid Image Exfiltration Vulnerability

Fri, 01 Aug 2025 23:15:00 GMT

CVE-2025-54424 - 1Panel Remote Code Execution (RCE) via Incomplete Certificate Verification

Fri, 01 Aug 2025 23:15:00 GMT

CVE-2024-13978 - LibTIFF Null Pointer Dereference Vulnerability

Fri, 01 Aug 2025 22:15:00 GMT

CVE-2013-10063 - Netgear SPH200D Path Traversal Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10057 - Synactis PDF In-The-Box ActiveX Control Stack-Based Buffer Overflow Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10058 - Linksys Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10059 - D-Link Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10060 - Netgear Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10061 - Netgear Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10062 - Linksys Router Directory Traversal Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10053 - ZPanel Remote Command Execution Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10055 - Havalite CMS Unauthenticated Remote Code Execution File Upload Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10049 - Raidsonic NAS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10050 - D-Link Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10051 - InstantCMS PHP Code Execution Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2012-10022 - Kloxo Setuid Root Privilege Escalation

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10044 - OpenEMR SQL Injection and Unrestricted File Upload Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10046 - Agnitum Outpost Internet Security Named Pipe Privilege Escalation Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10047 - MiniWeb HTTP Server Unrestricted File Upload and Privilege Escalation Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2013-10048 - D-Link Router OS Command Injection Vulnerability

Fri, 01 Aug 2025 21:15:00 GMT

CVE-2025-8472 - Alpine iLX-507 Bluetooth vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8473 - Alpine iLX-507 Command Injection Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8474 - Alpine iLX-507 CarPlay Stack-based Buffer Overflow

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8475 - Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8476 - Alpine iLX-507 TIDAL Certificate Validation Bypass Root RCE

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8477 - Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-8480 - Alpine iLX-507 Tidal Music Streaming Command Injection Remote Code Execution

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6037 - Hashicorp Vault TLS Client Certificate Validation Bypass

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-50869 - Institute-of-Current-Students XSS

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-50870 - Institute-of-Current-Students Student Information Disclosure via Incorrect Access Control

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-53009 - MaterialX Stack Exhaustion Crash Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-53010 - MaterialX Null Pointer Dereference Denial of Service

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-53011 - MaterialX Null Pointer Dereference

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-53012 - MaterialX Stack Overflow

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-54564 - ChargePoint Home Flex Unvalidated Decompression Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-54574 - Squid Heap Buffer Overflow (Remote Code Execution)

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-54590 - Apache WebFinger SSRF Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-54593 - FreshRSS Remote Code Execution Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-54595 - Pearcleaner Privilege Escalation Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-5999 - Vault Privileged Escalation Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6000 - Apache Vault Code Execution Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6004 - Vault User Lockout Bypass

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6011 - HashiCorp Vault Userpass Timing Side Channel Disclosure

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6014 - Vault TOTP Secrets Engine Code Reuse Vulnerability

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-6015 - Vault Two-Factor Authentication Bypass and Token Reuse

Fri, 01 Aug 2025 18:15:00 GMT

CVE-2025-45150 - LangChain-ChatGLM-Webui File Disclosure Vulnerability

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2025-45778 - The Language Sloth Web Application Stored XSS

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2025-48074 - OpenEXR DataWindow Size Validation Vulnerability

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2025-51501 - Microweber CMS Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2025-51502 - Microweber CMS Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2025-51504 - Microweber CMS Cross Site Scripting (XSS)

Fri, 01 Aug 2025 17:15:00 GMT

CVE-2019-19144 - Quantum DXi6702 XML External Entity Injection Vulnerability

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-44139 - Emlog Pro File Upload Vulnerability

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-50460 - Apache Ms-Swift Remote Code Execution (RCE)

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-50472 - Apache Spark - Deserialization Code Execution Vulnerability

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-52327 - Restaurant Order System SQL Injection

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-52361 - Lighttpd AK-Nord USB-Server-LXL Root Command Execution

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-52390 - Saurus CMS SQL Injection Vulnerability

Fri, 01 Aug 2025 16:15:00 GMT

CVE-2025-45767 - Jose Weak Encryption Vulnerability

Fri, 01 Aug 2025 15:15:00 GMT

CVE-2023-44976 - Shunwang Rentdrv2 EDR Process Termination Vulnerability

Fri, 01 Aug 2025 14:15:00 GMT

CVE-2025-46018 - CSC Pay Mobile App Bluetooth Payment Authorization Bypass Vulnerability

Fri, 01 Aug 2025 14:15:00 GMT

CVE-2025-41370 - Gandia Integra Total TESI SQL Injection Vulnerability

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41371 - Gandia Integra Total TESI SQL Injection

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41372 - Gandia Integra Total TESI SQL Injection

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41373 - Gandia Integra Total TESI SQL Injection

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41374 - Gandia Integra Total TESI SQL Injection Vulnerability

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41375 - Gandia Integra Total TESI SQL Injection Vulnerability

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-41376 - Gandia Integra Total TESI SQL Injection Vulnerability

Fri, 01 Aug 2025 13:15:00 GMT

CVE-2025-4684 - WordPress BlockSpare Stored Cross-Site Scripting Vulnerability

Fri, 01 Aug 2025 12:15:00 GMT

CVE-2025-6228 - Sina Extension for Elementor Stored Cross-Site Scripting Vulnerability

Fri, 01 Aug 2025 12:15:00 GMT

CVE-2025-6398 - ASUS AI Suite 3 Null Pointer Dereference Vulnerability

Fri, 01 Aug 2025 09:15:00 GMT

CVE-2025-8443 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Fri, 01 Aug 2025 09:15:00 GMT

CVE-2025-8441 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Fri, 01 Aug 2025 08:15:00 GMT

CVE-2025-8442 - Code-projects Online Medicine Guide SQL Injection Vulnerability

Fri, 01 Aug 2025 08:15:00 GMT

CVE-2025-8438 - Code-Projects Wazifa System SQL Injection Vulnerability

Fri, 01 Aug 2025 07:15:00 GMT

CVE-2025-8439 - Wazifa System SQL Injection Vulnerability

Fri, 01 Aug 2025 07:15:00 GMT

CVE-2025-7646 - Elementor Addons Stored Cross-Site Scripting

Fri, 01 Aug 2025 07:15:00 GMT

CVE-2025-8437 - Kitchen Treasure SQL Injection Vulnerability

Fri, 01 Aug 2025 07:15:00 GMT

CVE-2025-31716 - Cisco Bootloader Out-of-Bounds Write Denial of Service

Fri, 01 Aug 2025 06:15:00 GMT

CVE-2025-54939 - LiteSpeed QUIC (LSQUIC) Library LSQUIC Engine Packet In Memory Leak

Fri, 01 Aug 2025 06:15:00 GMT

CVE-2025-5921 - SureForms WordPress Reflected Cross-Site Scripting

Fri, 01 Aug 2025 06:15:00 GMT

CVE-2025-8436 - Projectworlds Online Admission System SQL Injection Vulnerability

Fri, 01 Aug 2025 06:15:00 GMT

CVE-2025-8454 - Debian Package devscripts OpenPGP Verification Bypass

Fri, 01 Aug 2025 06:15:00 GMT

CVE-2025-8435 - Code-projects Online Movie Streaming PHP Remote Authorization Bypass Vulnerability

Fri, 01 Aug 2025 05:15:00 GMT

CVE-2025-7725 - WordPress OpenAI Plugin Stored Cross-Site Scripting Vulnerability

Fri, 01 Aug 2025 05:15:00 GMT

CVE-2025-7845 - Stratum Elementor Widgets Stored Cross-Site Scripting Vulnerability

Fri, 01 Aug 2025 05:15:00 GMT

CVE-2025-4523 - IDonate WordPress Plugin Unauthorized Data Access Vulnerability

Fri, 01 Aug 2025 05:15:00 GMT

CVE-2025-7443 - BerqWP Arbitrary File Upload Vulnerability

Fri, 01 Aug 2025 05:15:00 GMT

CVE-2025-54846 - Apache HTTP Server HTTP Request Smuggling

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54847 - Apache HTTP Server Cross-Site Request Forgery

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-5947 - WordPress Service Finder Bookings Privilege Escalation

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-8433 - Dell Document Management System Path Traversal Vulnerability

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-8434 - Apache Code-projects Online Movie Streaming Remote File Inclusion Vulnerability

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54844 - Apache Struts Command Execution

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54845 - Adobe Flash Memory Corruption Vulnerability

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54842 - Apache HTTP Server Cross-Site Request Forgery

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54843 - Fortinet DNS Server Insufficient Input Validation

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2019-19145 - Quantum SuperLoader 3 Password Brute Force

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-53399 - Sipwise RTPengine RTP Stream Injection and Interception Vulnerability

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54657 - Apache Struts Command Injection

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54839 - Apache HTTP Server Cross-Site Request Forgery

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54840 - Apache HTTP Server Denial of Service

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-54841 - Apache Struts SQL Injection

Fri, 01 Aug 2025 04:16:00 GMT

CVE-2025-5954 - WordPress Service Finder SMS System Plugin Unauthenticated Administrator Account Takeover Vulnerability

Fri, 01 Aug 2025 03:15:00 GMT

CVE-2025-8431 - PHPGurukul Boat Booking System SQL Injection Vulnerability

Fri, 01 Aug 2025 02:15:00 GMT

CVE-2025-48071 - OpenEXR ZIPS-packed Deep Scan-Line Heap Buffer Overflow

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2025-48072 - OpenEXR Heap-Based Buffer Overflow Vulnerability

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2025-48073 - OpenEXR NULL Pointer Dereference Vulnerability

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2023-32251 - Linux Kernel ksmbd Dictionary Attack Bypass

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2025-23289 - NVIDIA Omniverse Launcher Information Disclosure Vulnerability

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2025-45768 - PyJWT Weak Encryption

Thu, 31 Jul 2025 21:15:00 GMT

CVE-2025-50572 - Archer Technology RSA Archer Code Execution Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-8286 - Güralp FMUS series Telnet Command Injection Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-37108 - HPE Telco Service Activator Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-37109 - HPE Telco Service Activator Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-37110 - HPE Telco Network Function Virtual Orchestrator Information Disclosure

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-37111 - HPE Telco Network Function Virtual Orchestrator Authentication Key Storage Policy Information Disclosure

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-37112 - HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-45769 - PHP JWT Weak Encryption Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-45770 - Auth0 JWT Weak Encryption Vulnerability

Thu, 31 Jul 2025 20:15:00 GMT

CVE-2025-26062 - Intelbras RX1500/3000 Unauthenticated Access to Settings File

Thu, 31 Jul 2025 19:15:00 GMT

CVE-2025-26063 - Intelbras RX1500/3000 - Unauthenticated Remote Code Execution Vulnerability

Thu, 31 Jul 2025 19:15:00 GMT

CVE-2025-26064 - Intelbras RX1500/RX3000 Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 19:15:00 GMT

CVE-2025-51385 - D-Link DI-8200 Buffer Overflow Vulnerability

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-51503 - Microweber CMS Stored Cross-Site Scripting (XSS)

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-54832 - OPEXUS FOIAXpress Arbitrary State/Territory Modification Vulnerability

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-54833 - OPEXUS FOIAXpress Bypass Account-Lockout and CAPTCHA Protection Vulnerability

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-54834 - OPEXUS FOIAXpress Information Disclosure Vulnerability

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-8426 - Marvell QConvergeConsole Directory Traversal and Information Disclosure/DoS

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-51384 - D-Link DI-8200 IPsec Buffer Overflow

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2025-51383 - D-Link DI-8200 Buffer Overflow Vulnerability

Thu, 31 Jul 2025 18:15:00 GMT

CVE-2024-34327 - Sielox AnyWare SQL Injection

Thu, 31 Jul 2025 17:15:00 GMT

CVE-2025-50866 - CloudClassroom-PHP Project 1.0 Reflected Cross-site Scripting (XSS)

Thu, 31 Jul 2025 17:15:00 GMT

CVE-2025-50867 - CloudClassroom-PHP-Project SQL Injection

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-52203 - DevaslanPHP Stored XSS

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-8409 - Code-projects Vehicle Management SQL Injection

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-29556 - ExaGrid EX10 Incorrect Access Control Bypass

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-46809 - SUSE Multi Linux Manager HTTP Proxy Credentials Disclosure

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-50847 - CS Cart CSRF Add Product to Comparison List

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-50848 - CS Cart Cross-Site Scripting (XSS) File Upload Vulnerability

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-50850 - CS Cart Brute Force Vendor Login

Thu, 31 Jul 2025 16:15:00 GMT

CVE-2025-34146 - SandboxJS Prototype Pollution Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-50270 - AnQiCMS Stored XSS

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-50475 - Russound MBX-PRE-D67F OS Command Injection Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-50849 - CS Cart IDOR

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-51569 - LB-Link BL-CPE300M Router Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-52289 - MagnusBilling Broken Access Control Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-8408 - Apache Vehicle Management SQL Injection

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125121 - Array Networks vAPV/vxAG SSH Privilege Escalation Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125122 - Linksys WRT120N Remote Stack Buffer Overflow Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125123 - Kloxo SQL Injection Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125124 - Pandora FMS Anyterm Remote Command Execution

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125125 - A10 Networks AX Loadbalancer Path Traversal Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2014-125126 - Apache Simple E-Document Unrestricted File Upload and Authentication Bypass

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2024-34328 - Sielox AnyWare Open Redirect Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-29557 - ExaGrid EX10 Remote Authentication Bypass

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10042 - FreeFTPd FTP PASS Command Stack-Based Buffer Overflow

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10043 - OAstium VoIP PBX Remote Code Execution Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10033 - Kimai SQL Injection Remote Code Execution

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10034 - Kaseya KServer Unauthenticated File Upload Remote Code Execution Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10035 - ProcessMaker Code Injection Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10036 - Beetel Connection Manager Stack-Based Buffer Overflow Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10037 - WebTester OS Command Injection Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10038 - FlashChat Arbitrary File Upload Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10039 - GestioIP Command Injection Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2013-10040 - ClipBucket Remote Code Execution Vulnerability

Thu, 31 Jul 2025 15:15:00 GMT

CVE-2025-54589 - Copyparty Reflected Cross-Site Scripting (XSS) Vulnerability

Thu, 31 Jul 2025 14:15:00 GMT

CVE-2025-7738 - GitHub Enterprise Ansible Automation Platform Clear Text Client Secret Exposure

Thu, 31 Jul 2025 14:15:00 GMT

CVE-2025-8407 - Apache Code-projects Vehicle Management SQL Injection Vulnerability

Thu, 31 Jul 2025 14:15:00 GMT

CVE-2025-8213 - NinjaScanner WordPress File Deletion Vulnerability

Thu, 31 Jul 2025 13:15:00 GMT

CVE-2025-8068 - Elementor HT Mega Absolute Addons WordPress Unauthorized Data Manipulation Vulnerability

Thu, 31 Jul 2025 12:15:00 GMT

CVE-2025-8151 - HT Mega – Absolute Addons For Elementor Path Traversal Vulnerability

Thu, 31 Jul 2025 12:15:00 GMT

CVE-2025-8381 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

Thu, 31 Jul 2025 12:15:00 GMT

CVE-2025-8382 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

Thu, 31 Jul 2025 12:15:00 GMT

CVE-2025-8401 - HT Mega – Absolute Addons For Elementor Information Disclosure

Thu, 31 Jul 2025 12:15:00 GMT

CVE-2025-8379 - Campcodes Online Hotel Reservation System File Upload Vulnerability

Thu, 31 Jul 2025 11:15:00 GMT

CVE-2025-8380 - Campcodes Online Hotel Reservation System Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 11:15:00 GMT

CVE-2025-2813 - Apache HTTP Server DoS

Thu, 31 Jul 2025 10:15:00 GMT

CVE-2025-40980 - UltimateFosters UltimatePOS Stored Cross Site Scripting

Thu, 31 Jul 2025 10:15:00 GMT

CVE-2025-41688 - Apache Solr Command Injection Vulnerability

Thu, 31 Jul 2025 10:15:00 GMT

CVE-2025-8376 - Code-projects Vehicle Management SQL Injection Vulnerability

Thu, 31 Jul 2025 10:15:00 GMT

CVE-2025-8378 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

Thu, 31 Jul 2025 10:15:00 GMT

CVE-2025-24853 - Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability

Thu, 31 Jul 2025 09:15:00 GMT

CVE-2025-24854 - Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability

Thu, 31 Jul 2025 09:15:00 GMT

CVE-2025-8192 - Android TvSettings AppRestrictionsFragment Launch Anywhere Vulnerability

Thu, 31 Jul 2025 09:15:00 GMT

CVE-2025-8374 - Code-projects Vehicle Management SQL Injection Vulnerability

Thu, 31 Jul 2025 09:15:00 GMT

CVE-2025-8375 - Apache Code-projects Vehicle Management SQL Injection Vulnerability

Thu, 31 Jul 2025 09:15:00 GMT

CVE-2025-54757 - PowerCMS Cross-Site Scripting (XSS) Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-7205 - GiveWP Stored Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-8372 - Exam Form Submission SQL Injection Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-8373 - Code-projects Vehicle Management SQL Injection

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-41391 - PowerCMS Cross-Site Scripting (XSS)

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-41396 - PowerCMS Path Traversal Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-46359 - PowerCMS Path Traversal RCE Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-54752 - PowerCMS CSV Injection Vulnerability

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-36563 - PowerCMS Cross-Site Scripting (XSS)

Thu, 31 Jul 2025 08:15:00 GMT

CVE-2025-8370 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 07:15:00 GMT

CVE-2025-8371 - Code-projects Exam Form Submission SQL Injection Vulnerability

Thu, 31 Jul 2025 07:15:00 GMT

CVE-2025-53558 - ZTE Japan K.K. ZXHN-F660T/F660A Default Credential Vulnerability

Thu, 31 Jul 2025 06:15:00 GMT

CVE-2025-8368 - Portabilis i-Educar Cross Site Scripting Vulnerability

Thu, 31 Jul 2025 06:15:00 GMT

CVE-2025-8369 - Portabilis i-Educar Cross Site Scripting Vulnerability

Thu, 31 Jul 2025 06:15:00 GMT

CVE-2025-8367 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 05:15:00 GMT

CVE-2025-5720 - WooCommerce Stored Cross-Site Scripting (XSS)

Thu, 31 Jul 2025 05:15:00 GMT

CVE-2025-7847 - WordPress AI Engine Plugin Arbitrary File Upload Vulnerability

Thu, 31 Jul 2025 05:15:00 GMT

CVE-2025-8366 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 05:15:00 GMT

CVE-2025-8348 - Kehua Charging Pile Cloud Platform Remote Authentication Bypass Vulnerability

Thu, 31 Jul 2025 04:16:00 GMT

CVE-2025-8365 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Thu, 31 Jul 2025 04:16:00 GMT

CVE-2025-54828 - Apache HTTP Server Information Disclosure

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54829 - Apache HTTP Server Remote Code Execution

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-8345 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-8346 - Portabilis i-Educar Cross-Site Scripting Vulnerability

leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-8347 - Kehua Charging Pile Cloud Platform SQL Injection Vulnerability

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2023-41674 - Apache HTTP Server SQL Injection

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54823 - Apache HTTP Server Cross-Site Request Forgery

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54824 - Apache HTTP Server Unvalidated User Input Vulnerability

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54825 - Microsoft Internet Information Services (IIS) XML External Entity (XXE) Injection

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54826 - Apache HTTP Server SSRF

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-54827 - Apache HTTP Server Unvalidated User Input

Thu, 31 Jul 2025 03:15:00 GMT

CVE-2025-8344 - OpenViglet Shio Unrestricted File Upload Vulnerability

Thu, 31 Jul 2025 02:15:00 GMT

CVE-2025-8340 - Code-projects Intern Membership Management System Cross Site Scripting Vulnerability

Thu, 31 Jul 2025 01:15:00 GMT

CVE-2025-8343 - OpenViglet Shio Remote Path Traversal Vulnerability

Thu, 31 Jul 2025 01:15:00 GMT

CVE-2025-8339 - Code-projects Intern Membership Management System SQL Injection

Thu, 31 Jul 2025 01:15:00 GMT

CVE-2025-8338 - Projectworlds Online Admission System SQL Injection

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-49083 - Absolute Secure Access Console Deserialization Vulnerability

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-49084 - Absolute Secure Access Policy Rule Overwrite Vulnerability

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-54085 - Absolute Secure Access Improper Permission Bypass

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-36039 - IBM Aspera Faspex Authentication Bypass Vulnerability

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-36040 - IBM Aspera Faspex Client-Side Security Mechanism Bypass Vulnerability

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-49082 - Absolute Secure Access Management Console Permission Bypass

Thu, 31 Jul 2025 00:15:00 GMT

CVE-2025-8337 - Simple Car Rental System Cross-Site Scripting (XSS)

Wed, 30 Jul 2025 23:15:00 GMT

CVE-2025-7356 - CVE-2020-29461: Apache HTTP Server Remote Code Execution

Wed, 30 Jul 2025 23:15:00 GMT

CVE-2025-8336 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Wed, 30 Jul 2025 23:15:00 GMT

CVE-2024-11478 - CVE-2021-3719: Apache Commons Text XML External Entity (XXE) Injection

Wed, 30 Jul 2025 23:15:00 GMT

CVE-2025-54586 - GitProxy GitHub Commit Exfiltration Vulnerability

Wed, 30 Jul 2025 22:15:00 GMT

CVE-2025-8334 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Wed, 30 Jul 2025 22:15:00 GMT

CVE-2025-8335 - Simple Car Rental System Cross-Site Request Forgery

Wed, 30 Jul 2025 22:15:00 GMT

CVE-2025-54585 - GitProxy Branch Creation ByPass Vulnerability

Wed, 30 Jul 2025 21:15:00 GMT

CVE-2025-8332 - Code-projects Online Farm System SQL Injection Vulnerability

Wed, 30 Jul 2025 21:15:00 GMT

CVE-2025-8333 - Code-projects Online Farm System SQL Injection Vulnerability

Wed, 30 Jul 2025 21:15:00 GMT

CVE-2025-54583 - GitProxy Unauthorized Push Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-54584 - GitProxy Git Packfile Signature Bypass Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-8330 - Code-projects Vehicle Management SQL Injection

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-8331 - Code-projects Online Farm System SQL Injection Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-54575 - ImageSharp GIF Denial of Service

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-54576 - OAuth2-Proxy Regex Pattern Bypass Authentication Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-54581 - Vproxy HTTP Proxy-Authorization Header DoS Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-54582 - Netty Deserialization Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2024-48916 - Ceph JWT Algorithm Validation Bypass Vulnerability

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-51954 - ElectronHub AI Playground XSS

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-52187 - Apache GetProjectsIdea School Management System XSS

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-53022 - TrustedFirmware-M Stack Buffer Overflow

Wed, 30 Jul 2025 20:15:00 GMT

CVE-2025-50777 - AZIOT Smart Wi-Fi CCTV Camera Root Shell Access Vulnerability

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-51951 - Andisearch Cross-Site Scripting Vulnerability

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-8329 - Oracle Vehicle Management SQL Injection

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-30103 - Dell SmartFabric OS10 Local Filesystem Access Vulnerability

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-36608 - Dell SmartFabric OS10 XML External Entity Reference Denial of Service

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-36609 - Dell SmartFabric OS10 Hard-coded Password Elevation of Privileges

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-50464 - Iptime NAS Firmware Buffer Overflow Vulnerability

Wed, 30 Jul 2025 19:15:00 GMT

CVE-2025-26332 - Dell XtremIO X2 TechAdvisor Insertion of Sensitive Information into Log File

Wed, 30 Jul 2025 18:15:00 GMT

CVE-2025-30105 - Dell XtremIO Log Injection Vulnerability

Wed, 30 Jul 2025 18:15:00 GMT

CVE-2025-30480 - Dell PowerProtect Data Manager Arbitrary File Read Vulnerability

Wed, 30 Jul 2025 18:15:00 GMT

CVE-2025-8327 - Code-projects Exam Form Submission SQL Injection Vulnerability

Wed, 30 Jul 2025 18:15:00 GMT

CVE-2025-8328 - Apache Exam Form Submission SQL Injection Vulnerability

Wed, 30 Jul 2025 18:15:00 GMT

CVE-2025-45620 - Aver PTC310UV2 Information Disclosure

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2024-45955 - Rocket Software Rocket Zena SQL Injection Vulnerability

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2025-25691 - PrestaShop PHAR Deserialization Code Execution Vulnerability

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2025-25692 - PrestaShop PHAR Deserialization Remote Code Execution Vulnerability

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2025-36611 - Dell Encryption Link Following Privilege Escalation Vulnerability

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2025-45619 - Aver PTC310UV2 Remote Code Execution Vulnerability

Wed, 30 Jul 2025 17:15:00 GMT

CVE-2023-2593 - Linux TCP Connection Denial of Service

Wed, 30 Jul 2025 16:15:00 GMT

CVE-2025-50578 - LinuxServer.io Heimdall HTTP Header Injection and Open Redirect Vulnerability

Wed, 30 Jul 2025 16:15:00 GMT

CVE-2025-54656 - Apache Struts LookupDispatchAction Log Injection

Wed, 30 Jul 2025 16:15:00 GMT

CVE-2025-8312 - Devolutions Server PAM Deadlock Password Persistence Vulnerability

Wed, 30 Jul 2025 16:15:00 GMT

CVE-2025-8353 - Devolutions Server JIT Group Access Bypass Vulnerability

Wed, 30 Jul 2025 16:15:00 GMT

CVE-2025-43018 - HP LaserJet Pro Printer Information Disclosure Vulnerability

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-46811 - SUSE Manager WebSocket Root RCE

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-53111 - GLPI Unauthenticated Access Vulnerability

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-53112 - GLPI Unauthorized Resource Deletion Vulnerability

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-53113 - GLPI External Links Information Disclosure

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-53357 - GLPI Unauthorized Reservation Alteration

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-53944 - AutoGPT Authorization Bypass Vulnerability

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-54433 - Bugsink File Path Traversal Vulnerability

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-54573 - CVAT Unvalidated Email Authentication Bypass

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2024-45515 - Zimbra Collaboration Cross-Site Scripting (XSS)

Wed, 30 Jul 2025 15:15:00 GMT

CVE-2025-54410 - Docker Moby Firewalld Container Isolation Bypass

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-54425 - Umbraco Content Delivery API Cache Bypass Vulnerability

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-54430 - Apache Dedupe GitHub Token Exfiltration

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-54572 - Apache Ruby SAML Denial-of-Service Vulnerability

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-52567 - GLPI SSRF Vulnerability

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-52897 - GLPI Phishing Vulnerability in Planning Feature

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-53008 - GLPI Email Receiver Credentials Stealer

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-54388 - Docker Moby iptables Rule Deletion and Recreation Vulnerability

Wed, 30 Jul 2025 14:15:00 GMT

CVE-2025-47001 - Adobe Experience Manager Stored XSS Vulnerability

Wed, 30 Jul 2025 13:15:00 GMT

CVE-2025-8326 - Code-projects Exam Form Submission SQL Injection Vulnerability

Wed, 30 Jul 2025 13:15:00 GMT

CVE-2025-6348 - WordPress Smart Slider 3 SQL Injection

Wed, 30 Jul 2025 09:15:00 GMT

CVE-2025-1221 - SiLabs EmberZNet Zigbee Stack Denial of Service (DoS) Vulnerability

Wed, 30 Jul 2025 08:15:00 GMT

CVE-2025-1394 - SiLabs EmberZNet Zigbee Stack Denial of Service and Data Leak Vulnerability

Wed, 30 Jul 2025 08:15:00 GMT

CVE-2025-38498 - Linux Kernel Mount Namespace Permission Bypass Vulnerability

Wed, 30 Jul 2025 06:15:00 GMT

CVE-2025-8322 - Ventem e-School Missing Authorization Vulnerability

Wed, 30 Jul 2025 04:16:00 GMT

CVE-2025-8323 - Ventem e-School Arbitrary File Upload Remote Code Execution

Wed, 30 Jul 2025 04:16:00 GMT

CVE-2025-8292 - Google Chrome Media Stream Use After Free Vulnerability

Wed, 30 Jul 2025 02:17:00 GMT

CVE-2025-4422 - Lenovo SMB Relay Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-4423 - Lenovo Remote Code Execution Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-4424 - Lenovo Remote Code Execution Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-4425 - Lenovo Power Manager Remote Code Execution Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-4426 - Lenovo Network Authentication Bypass Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-8217 - Amazon Q Developer Visual Studio Code Extension Code Injection Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-8320 - Tesla Wall Connector HTTP Content-Length Header Buffer Overflow Remote Code Execution Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-8321 - Tesla Wall Connector Firmware Downgrade Remote Code Execution Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-0712 - Apache HTTP Server Unauthenticated Local Privilege Escalation

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-25011 - Apache HTTP Server Uncontrolled Search Path Element Local Privilege Escalation

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-4421 - Lenovo Critical Authentication Bypass Vulnerability

Wed, 30 Jul 2025 01:15:00 GMT

CVE-2025-43270 - Apple macOS Network Access Bypass Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43273 - Apple macOS Sequoia Sandbox Escalation

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43274 - macOS Sequoia Sandbox Evasion

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43275 - Apple macOS Sandbox Escape Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43276 - Apple iCloud Private Relay Multiple User Login Activation Failure

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43277 - Apple Audio File Memory Corruption Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-8319 - Apache Business Management Appliance Cross-Site Scripting

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43267 - Apple macOS Sequoia SQL Injection

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43265 - Apple WatchOS Out-of-Bounds Read Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43266 - Apple macOS Sandbox Escalation

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43261 - Apple macOS Sandbox Escalation Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43259 - Apple macOS Lockscreen Information Disclosure

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43260 - Apple macOS Privilege Escalation Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43244 - Apple macOS Unexpected System Termination Race Condition

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43245 - Apple macOS Downgrade Code Signing Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43246 - Apple macOS Sensitive User Data Access Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43247 - Apple macOS Root Privilege Escalation Permissions Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43248 - Apple macOS Privilege Escalation Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43249 - macOS Logic Flaw Allows Root Privilege Escalation

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43250 - Apple macOS Sandbox Escalation Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43251 - Apple macOS Sequoia Authorization Bypass

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43252 - Apple macOS Link Following Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43253 - Apple macOS Binary Launch Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43254 - Apple macOS File Processing Out-of-Bounds Read Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-43256 - Apple macOS Root Privilege Escalation Vulnerability

Wed, 30 Jul 2025 00:15:00 GMT

CVE-2025-40600 - SonicOS Externally-Controlled Format String Vulnerability

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2025-4674 - Go VCS Command Execution Vulnerability

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2025-54126 - WAMR iwasm IPv4 Address Pool Vulnerability (Remote Access Bypass)

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2025-7361 - NI LabVIEW Code Injection Vulnerability

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2025-7848 - NI LabVIEW Memory Corruption Vulnerability (Arbitrary Code Execution)

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2025-7849 - NI LabVIEW Memory Corruption Vulnerability

Tue, 29 Jul 2025 22:15:00 GMT

CVE-2024-43018 - Piwigo SQL Injection Vulnerability

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-45346 - Bacula-web SQL Injection

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-52490 - Couchbase Sync Gateway Password Disclosure Vulnerability

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-52899 - Tuleap User Enumeration Vulnerability

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-53102 - Discourse Unauthenticated WebAuthn Challenge Leak

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-53541 - Tuleap Cross-Site Scripting (XSS) Vulnerability

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-53902 - Tuleap Information Disclosure Vulnerability

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2025-5684 - MetForm for Elementor Stored Cross-Site Scripting

Tue, 29 Jul 2025 20:15:00 GMT

CVE-2024-42651 - NanoMQ Heap Use-After-Free Denial of Service Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2024-42655 - NanoMQ MQTT Wildcard Access Control Bypass

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2024-49828 - IBM Db2 Denial of Service Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2024-51473 - IBM Db2 Denial of Service Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2024-52894 - IBM Db2 Denial of Service

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-33092 - IBM Db2 Stack-Based Buffer Overflow Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-33114 - IBM Db2 Denial of Service Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-36071 - IBM Db2 Denial of Service Memory Corruption Vulnerability

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-51044 - phpgurukul Nipah virus (NiV) Testing Management System SQL Injection

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-51045 - PhpGurukul Pre-School Enrollment System SQL Injection

Tue, 29 Jul 2025 19:15:00 GMT

CVE-2025-7675 - Autodesk 3DM Out-of-Bounds Write Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-5043 - Autodesk 3DM Heap-Based Overflow Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-6631 - Autodesk PRT File Out-of-Bounds Write Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-6635 - Autodesk PRT File Out-of-Bounds Read Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-6636 - Autodesk PRT File Use-After-Free Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-6637 - Autodesk PRT File Out-of-Bounds Write Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-7497 - Autodesk PRT File Out-of-Bounds Write Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-27514 - GLPI Kanban Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-2179 - Palo Alto Networks GlobalProtect App Linux Privilege Escalation

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-2533 - IBM Db2 Denial of Service

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-2928 - Apache Solr SQL Injection

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-36010 - IBM Db2 Lock Wait Denial of Service

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-52284 - Totolink X6000R Command Injection Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-53711 - TP-Link TL-WR841N Remote Buffer Overflow Denial-of-Service Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-53712 - TP-Link TL-WR841N Web Service Denial-of-Service Buffer Overflow

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-53713 - TP-Link TL-WR841N Remote DoS Buffer Overflow Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-53714 - TP-Link TL-WR841N Remote Buffer Overflow DoS

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-53715 - TP-Link TL-WR841N Web Service Buffer Overflow DoS

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-5038 - Autodesk X_T File Memory Corruption Vulnerability

Tue, 29 Jul 2025 18:15:00 GMT

CVE-2025-31965 - HCL BigFix Remote Control Server WebUI Information Disclosure Vulnerability

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-44136 - MapTiler Tileserver-php XSS

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-44137 - MapTiler Tileserver-php Directory Traversal Vulnerability

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-54420 - Apache HTTP Server Cross-Site Request Forgery

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-54432 - Apache HTTP Server Unvalidated User Input Remote Code Execution

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-5922 - TSplus Remote Access Admin Tool Unsalted PIN Hash Leak

Tue, 29 Jul 2025 17:15:00 GMT

CVE-2025-28171 - Grandstream UCM6510 Information Disclosure

Tue, 29 Jul 2025 16:15:00 GMT

CVE-2025-28172 - Grandstream Networks UCM6510 Authentication Bypass

Tue, 29 Jul 2025 15:15:00 GMT

CVE-2025-46059 - Langchain-ai GmailToolkit Arbitrary Code Execution Vulnerability

Tue, 29 Jul 2025 15:15:00 GMT

CVE-2025-50738 - Apache Memos Information Disclosure Cross-Site Request Forgery

Tue, 29 Jul 2025 15:15:00 GMT

CVE-2025-51970 - PuneethReddyHC Online Shopping System SQL Injection

Tue, 29 Jul 2025 15:15:00 GMT

CVE-2024-42644 - FlashMQ Assertion Failure Vulnerability

Tue, 29 Jul 2025 14:15:00 GMT

CVE-2024-42645 - FlashMQ Denial of Service (DoS) Vulnerability

Tue, 29 Jul 2025 14:15:00 GMT

CVE-2025-52358 - Vivaldi iCONTROL+ Server Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 14:15:00 GMT

CVE-2025-40682 - Human Resource Management System SQL Injection

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-40683 - Oracle Human Resource Management System Reflected XSS

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-40684 - Citrix Human Resource Management System Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-40685 - SAP Human Resource Management System Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-40686 - Oracle Human Resource Management System Reflected Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-41241 - VMware vCenter Denial-of-Service Vulnerability

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-54422 - Sandboxie Password Transmission Vulnerability

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-6060 - DECE Software Geodi Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-6175 - DECE Software Geodi CRLF Injection Vulnerability

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-6504 - HDP Server IP Spoofing Via X-Forwarded-For Header

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-6505 - Progress Software's Hybrid Data Pipeline Server OAuth Client Impersonation and Unauthorized Access Vulnerability

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-7458 - SQLite Integer Overflow Denial of Service/Information Disclosure

Tue, 29 Jul 2025 13:15:00 GMT

CVE-2025-5587 - WordPress Appzend Stored Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 12:15:00 GMT

CVE-2025-6730 - WooCommerce Free Gifts Lite - Unauthenticated Data Modification Vulnerability

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-7689 - Hydra Booking WordPress Privilege Escalation

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-8196 - Elementor Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-8216 - Sky Addons for Elementor Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-6681 - WordPress Fan Page Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-6692 - YouTube Embed for WordPress Stored Cross-Site Scripting

Tue, 29 Jul 2025 10:15:00 GMT

CVE-2025-26400 - SolarWinds Web Help Desk XXE Information Disclosure

Tue, 29 Jul 2025 08:15:00 GMT

CVE-2025-53081 - Samsung DMS Arbitrary File Creation Vulnerability

Tue, 29 Jul 2025 06:15:00 GMT

CVE-2025-53082 - Samsung DMS Arbitrary File Deletion Vulnerability

Tue, 29 Jul 2025 06:15:00 GMT

CVE-2025-53649 - SwitchBot Sensitive Information Exposure

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-6495 - Bricks WordPress Blind SQL Injection

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-8264 - Z-Push SQL Injection Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-3075 - Elementor Website Builder Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-4370 - Brizy – Page Builder Unauthenticated File Upload Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-4566 - Elementor Website Builder Stored Cross-Site Scripting

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-53077 - Samsung DMS Execution After Redirect Privilege Escalation Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-53078 - Samsung DMS Deserialization Code Execution Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-53079 - Samsung DMS Path Traversal Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-53080 - Samsung DMS Data Management Server Path Traversal Vulnerability

Tue, 29 Jul 2025 05:15:00 GMT

CVE-2025-7809 - StreamWeasels Twitch Integration Stored Cross-Site Scripting Vulnerability

Tue, 29 Jul 2025 04:15:00 GMT

CVE-2025-7810 - StreamWeasels Kick Integration Stored Cross-Site Scripting

Tue, 29 Jul 2025 04:15:00 GMT

CVE-2025-7811 - StreamWeasels YouTube Integration WordPress Stored Cross-Site Scripting

Tue, 29 Jul 2025 04:15:00 GMT

CVE-2025-54665 - Apache HTTP Server Command Injection

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54666 - Apache HTTP Server Unvalidated User Input

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54664 - Apache HTTP Server Cross-Site Scripting (XSS)

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54661 - Citrix NetScaler Denial of Service

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54662 - VMware Server Remote Code Execution

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54663 - Google Maps Unvalidated Redirect

Tue, 29 Jul 2025 03:15:00 GMT

CVE-2025-54767 - Xormon Original Process Kill Vulnerability

Tue, 29 Jul 2025 00:15:00 GMT

CVE-2025-54768 - Fortinet Web Application Configuration Log Download Information Disclosure Vulnerability

Tue, 29 Jul 2025 00:15:00 GMT

CVE-2025-54769 - Apache PERL Directory Traversal RCE

Tue, 29 Jul 2025 00:15:00 GMT

CVE-2025-54766 - Apache Appliance Unauthorized Configuration Export Vulnerability

Tue, 29 Jul 2025 00:15:00 GMT

CVE-2025-54765 - Fortinet Web Application Privilege Escalation Vulnerability

Tue, 29 Jul 2025 00:15:00 GMT

CVE-2025-54426 - Polkadot Frontier Curve25519 Precompute Invalid Input Handling

Mon, 28 Jul 2025 21:15:00 GMT

CVE-2025-54427 - Polkadot Frontier EVM Gas Price Manipulation Denial-of-Service

Mon, 28 Jul 2025 21:15:00 GMT

CVE-2025-54428 - RevelaCode MongoDB Atlas URI Exposure

Mon, 28 Jul 2025 21:15:00 GMT

CVE-2025-54429 - Polkadot Frontier CallableByContract AddressType Vulnerability

Mon, 28 Jul 2025 21:15:00 GMT

CVE-2025-29534 - PowerStick Wave Dual-Band Wifi Extender Remote Code Execution Vulnerability

Mon, 28 Jul 2025 20:17:00 GMT

CVE-2025-50485 - PHPGurukul Online Course Registration Session Hijacking Vulnerability

Mon, 28 Jul 2025 20:17:00 GMT

CVE-2025-50486 - PHPGurukul Car Rental Project Session Hijacking Vulnerability

Mon, 28 Jul 2025 20:17:00 GMT

CVE-2025-54419 - Node-SAML SAML Assertion Tampering

Mon, 28 Jul 2025 20:17:00 GMT

CVE-2025-54423 - Copyparty Cross-Site Scripting (XSS) Vulnerability

Mon, 28 Jul 2025 20:17:00 GMT

CVE-2025-8194 - Apache CPython TarFile Infinite Loop Deadlock

Mon, 28 Jul 2025 19:15:00 GMT

CVE-2025-8283 - Podman Netavark DNS Hijacking Vulnerability

Mon, 28 Jul 2025 19:15:00 GMT

CVE-2025-50484 - PHPGurukul Small CRM Session Hijacking Vulnerability

Mon, 28 Jul 2025 19:15:00 GMT

CVE-2025-50487 - PHPGurukul Blood Bank Donor Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 19:15:00 GMT

CVE-2025-43023 - HP Linux Imaging and Printing Software DSA Code Signing Key Weakness

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-50488 - PHPGurukul Online Library Management System Session Hijacking Vuln

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-50489 - PHPGurukul Student Result Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-50491 - PHPGurukul Bank Locker Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-50492 - PHPGurukul e-Diary Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-54298 - Joomla CommentBox Stored Cross-Site Scripting Vulnerability

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-54299 - Joomla No Boss Testimonials Stored XSS Vulnerability

Mon, 28 Jul 2025 18:15:00 GMT

CVE-2025-54535 - JetBrains TeamCity Weak Password Token Hashing

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54536 - JetBrains TeamCity GraphQL CSRF Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54537 - JetBrains TeamCity Plain Text User Credentials Memory Snapshot Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54538 - JetBrains TeamCity Password Exposure Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-7676 - Microsoft Windows DLL Hijacking Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54531 - JetBrains TeamCity Path Traversal Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54532 - JetBrains TeamCity Unrestricted Build Settings Disclosure Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54533 - JetBrains TeamCity Unrestricted Build Settings Disclosure Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54534 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-50494 - PHPGurukul Car Washing Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54527 - JetBrains YouTrack Iframe Sandbox Bypass

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54528 - JetBrains TeamCity GitHub App CSRF Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54529 - JetBrains TeamCity CSRF Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-54530 - JetBrains TeamCity Directory Permission Escalation

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-50490 - PHPGurukul Student Result Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-50493 - PHPGurukul Doctor Appointment Management System Session Hijacking Vulnerability

Mon, 28 Jul 2025 17:15:00 GMT

CVE-2025-2297 - Apache Struts Privilege Escalation Vulnerability

Mon, 28 Jul 2025 16:15:00 GMT

CVE-2025-6250 - Symantec Defendpoint Service Bypass

Mon, 28 Jul 2025 16:15:00 GMT

CVE-2024-49342 - IBM Informix Dynamic Server Authentication Bypass

Mon, 28 Jul 2025 16:15:00 GMT

CVE-2024-49343 - IBM Informix Dynamic Server HTML Injection Vulnerability

Mon, 28 Jul 2025 16:15:00 GMT

CVE-2025-30125 - Marbella KR8s Dashcam Weak Password Authentication Vulnerability

Mon, 28 Jul 2025 15:15:00 GMT

CVE-2025-53696 - iSTAR Ultra Firmware Verification Bypass Vulnerability

Mon, 28 Jul 2025 15:15:00 GMT

CVE-2025-54418 - CodeIgniter ImageMagick Command Injection Vulnerability

Mon, 28 Jul 2025 15:15:00 GMT

CVE-2025-53695 - iSTAR Ultra OS Command Injection Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-8279 - GitLab Language Server GraphQL Query Injection Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-24485 - MedDream PACS Premium Server-Side Request Forgery Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-26469 - MedDream PACS Premium Default Permissions Leakage

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-27724 - MedDream PACS Privilege Escalation Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-30124 - Marbella KR8s Dashcam Information Disclosure Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-30126 - Marbella KR8s Dashcam Unauthenticated Remote Access and Control Vulnerability

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-30133 - IROAD Dashcam FX2 Unrestricted HTTP Server Access and Pairing Bypass

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-32731 - MedDream PACS Premium Reflected XSS

Mon, 28 Jul 2025 14:15:00 GMT

CVE-2025-4056 - GLib Windows Command Line Denial of Service

Mon, 28 Jul 2025 13:15:00 GMT

CVE-2025-54569 - Malwarebytes Binisoft Windows Firewall Control Privilege Escalation

Mon, 28 Jul 2025 13:15:00 GMT

CVE-2025-8275 - Peru Cocktails App Android Improper Component Export Vulnerability

Mon, 28 Jul 2025 13:15:00 GMT

CVE-2025-38494 - Linux Kernel HID Raw Request Bypass Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38495 - Linux Kernel HID Buffer Undersized

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38496 - QEMU dm-bufio Preemption Vulnerability

spinlock){....}-{2:2}, at: do_global_cleanup+0x2a5/0x710
Preemption disabled at:
[] 0x0
CPU: 2 UID: 0 PID: 123 Comm: kworker/2:2 Not tainted 6.16.0-rc3-g90548c634bd0 #305 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
Workqueue: dm_bufio_cache do_global_cleanup
Call Trace:
    dump_stack_lvl+0x53/0x70
    __might_resched+0x360/0x4e0
    do_global_cleanup+0x2f5/0x710
    process_one_work+0x7db/0x1970
    worker_thread+0x518/0xea0
    kthread+0x359/0x690
    ret_from_fork+0xf3/0x1b0
    ret_from_fork_asm+0x1a/0x30

That can be reproduced by:

    veritysetup format --data-block-size=4096 --hash-block-size=4096 /dev/vda /dev/vdb
    SIZE=$(blockdev --getsz /dev/vda)
    dmsetup create myverity -r --table "0 $SIZE verity 1 /dev/vda /dev/vdb 4096 4096 1 sha256 1 try_verify_in_tasklet"
    mount /dev/dm-0 /mnt -o ro
    echo 102400 > /sys/module/dm_bufio/parameters/max_cache_size_bytes
    [read files in /mnt]

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38497 - Linux Kernel USB Gadget configfs Out-of-Bounds Read

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-5997 - Beamsec PhishPro Privileged API Abuse

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-8274 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38487 - Aspeed LPC Snoop NULL Pointer Dereference Vulnerability

/sys/bus/platform/drivers/aspeed-lpc-snoop/unbind
...
[ 120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write
[ 120.373866] [00000004] *pgd=00000000
[ 120.377910] Internal error: Oops: 805 [#1] SMP ARM
[ 120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE
...
[ 120.679543] Call trace:
[ 120.679559] misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac
[ 120.692462] aspeed_lpc_snoop_remove from platform_remove+0x28/0x38
[ 120.700996] platform_remove from device_release_driver_internal+0x188/0x200
...

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38488 - Linux Samba SMB Client Use-After-Free Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38489 - Linux Kernel s390 BPF NULL Pointer Dereference Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38490 - Linux Kernel libwx Double Free Vulnerability

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38491 - Linux MPTCP Atomic Fallback Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38492 - Linux Kernel Netfs ALL_QUEUED Race Condition Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38493 - Linux Kernel FORTIFY_SOURCE Buffer Overflow in timerlat_dump_stack

    caller, fstack->calls, size);
    entry->size = fstack->nr_entries;

Since commit e7186af7fb26 ("tracing: Add back FORTIFY_SOURCE logic to kernel_stack event structure"), struct stack_entry marks its caller field with __counted_by(size). At the time of the memcpy, entry->size contains garbage from the ringbuffer, which under some circumstances is zero, triggering a kernel panic by buffer overflow.

Populate the size field before the memcpy so that the out-of-bounds check knows the correct size. This is analogous to __ftrace_trace_stack().

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38474 - Sierra USB Net Interrupt Input Endpoint Validation Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38475 - Android Linux SMC Socket Type Confusion Vulnerability

inet_opt. The address was freed multiple times even though it was read-only memory.

cipso_v4_sock_setattr() did nothing wrong, and the root cause was type confusion.

The cited commit made it possible to create smc_sock as an INET socket.

The issue is that struct smc_sock does not have struct inet_sock as the first member but hijacks AF_INET and AF_INET6 sk_family, which confuses various places.

In this case, inet_sock.inet_opt was actually smc_sock.clcsk_data_ready(), which is an address of a function in the text segment.

    $ pahole -C inet_sock vmlinux
    struct inet_sock {
    ...
            struct ip_options_rcu * inet_opt; /* 784 8 */

    $ pahole -C smc_sock vmlinux
    struct smc_sock {
    ...
            void (*clcsk_data_ready)(struct sock *); /* 784 8 */

The same issue for another field was reported before. [2][3]

At that time, an ugly hack was suggested [4], but it makes both INET and SMC code error-prone and hard to change.

Also, yet another variant was fixed by a hacky commit 98d4435efcbf3 ("net/smc: prevent NULL pointer dereference in txopt_get").

Instead of papering over the root cause by such hacks, we should not allow non-INET socket to reuse the INET infra.

Let's add inet_sock as the first member of smc_sock.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38476 - Linux kernel RPL Use-after-free Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38477 - Linux Kernel sch_qfq Race Condition Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38478 - Linux Comedi Uninitialized Data Access Vulnerability

n` elements in some cases. The `do_insn_ioctl()` and `do_insnlist_ioctl()` functions allocate at least `MIN_SAMPLES` (16) data elements to deal with this, but they do not initialize all of that. For Comedi instruction codes that write to the subdevice, the first `insn->n` data elements are copied from user-space, but the remaining elements are left uninitialized. That could be a problem if the subdevice instruction handler reads the uninitialized data.

Ensure that the first `MIN_SAMPLES` elements are initialized before calling these instruction handlers, filling the uncopied elements with 0. For `do_insnlist_ioctl()`, the same data buffer elements are used for handling a list of instructions, so ensure the first `MIN_SAMPLES` elements are initialized for each instruction that writes to the subdevice.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38480 - Comedi Uninitialized Data Exposure Vulnerability

n` is 0 (which is allowable for `INSN_READ` and `INSN_WRITE` instructions), then `data[0]` may contain uninitialized data, and certainly contains invalid data, possibly from a different instruction in the array of instructions handled by `do_insnlist_ioctl()`. This will result in an incorrect value being written to the digital output channel (or to the digital input/output channel if configured as an output), and may be reflected in the internal saved state of the channel.

Fix it by returning 0 early if `insn->n` is 0, before reaching the code that accesses `data[0]`. Previously, the function always returned 1 on success, but it is supposed to be the number of data samples actually read or written up to `insn->n`, which is 0 in this case.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38481 - Linux Kernel Comedi Invalid Arg Error Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38482 - Linux Kernel Comedi Out-of-Bounds Bit Shift Vulnerability

    options[1]) & 0x8cec) {

However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test.

Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38483 - Linux Kernel comedi das16m1 Out-of-Bounds Bit Shift Vulnerability

    options[1]) & 0xdcfc) {

However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38484 - Linux Kernel IIO Backend Out-of-Bounds Write Vulnerability

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38485 - Linux Kernel IIO Accel FXLS8962AF Use After Free Null Pointer Dereference Vulnerability

active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode.

    Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read
    [...]
    _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290
    fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178
    fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c
    irq_thread_fn from irq_thread+0x110/0x1f4
    irq_thread from kthread+0xe0/0xfc
    kthread from ret_from_fork+0x14/0x2c

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-38486 - Qualcomm Soundwire QCOM SDM845 Kernel BRK Exception Handler Vulnerability

pconfig[] is supposed to be unused. We start counting at 1. However this code sets ctrl->pconfig[0].ch_mask = 128.

Bug #2: There are SLIM_MAX_TX_PORTS (16) elements in tx_ch[] array but only QCOM_SDW_MAX_PORTS + 1 (15) in the ctrl->pconfig[] array so it corrupts memory like Yongqin Liu pointed out.

Bug 3: Like Jie Gan pointed out, it erases all the tx information with the rx information.

Severity: 0.0 | NA

Mon, 28 Jul 2025 12:15:00 GMT

CVE-2025-8270 - Exam Form Submission SQL Injection

Mon, 28 Jul 2025 10:15:00 GMT

CVE-2025-8271 - Code-projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 10:15:00 GMT

CVE-2025-27800 - Optimizely Episerver Stored Cross-Site Scripting Vulnerability

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-27801 - Optimizely Episerver Stored Cross-Site Scripting (XSS) Vulnerability

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-27802 - Optimizely Episerver Stored Cross-Site Scripting (XSS) Vulnerability

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-8265 - 299Ko CMS File Management Unrestricted Upload Vulnerability

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-8266 - Yanyutao0402 ChanCMS Deserialization Remote Code Execution

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-8269 - Apache Code-projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 09:15:00 GMT

CVE-2025-8263 - Prettier Remote Regular Expression Complexity Vulnerability

Mon, 28 Jul 2025 08:15:00 GMT

CVE-2025-8261 - Vaelsys User Creation Handler Remote Authorization Bypass

Mon, 28 Jul 2025 07:15:00 GMT

CVE-2025-8262 - Yarn Remote Regular Expression Complexity Vulnerability

Mon, 28 Jul 2025 07:15:00 GMT

CVE-2025-8259 - Vaelsys Vgrid Server Os Command Injection Vulnerability

Mon, 28 Jul 2025 06:15:00 GMT

CVE-2025-8260 - Vaelsys MD4 Hash Handler Remote Weak Hash Vulnerability

Mon, 28 Jul 2025 06:15:00 GMT

CVE-2025-8256 - Code-projects Online Ordering System Unrestricted File Upload Vulnerability

Mon, 28 Jul 2025 05:16:00 GMT

CVE-2025-8257 - Lobby Universe Lobby App Android Manifest XML Component Export Vulnerability

Mon, 28 Jul 2025 05:16:00 GMT

CVE-2025-8258 - Cool Mo Maigcal Number App Android Android Application Component Export Vulnerability

Mon, 28 Jul 2025 05:16:00 GMT

CVE-2025-8267 - Apache SSRF in ssrfcheck

Mon, 28 Jul 2025 05:16:00 GMT

CVE-2025-8254 - Campcodes Courier Management System SQL Injection Vulnerability

Mon, 28 Jul 2025 04:15:00 GMT

CVE-2025-8255 - Code-projects Exam Form Submission Unrestricted File Upload Vulnerability

Mon, 28 Jul 2025 04:15:00 GMT

CVE-2023-53159 - OpenSSL X509VerifyParamRef Out-of-Bounds Read

Mon, 28 Jul 2025 03:15:00 GMT

CVE-2023-53160 - Sequoia OpenPGP Array Access Vulnerability

Mon, 28 Jul 2025 03:15:00 GMT

CVE-2023-53161 - Apache Buffered-Reader Out-of-Bounds Array Access Panic

Mon, 28 Jul 2025 03:15:00 GMT

CVE-2025-8252 - Code-projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 03:15:00 GMT

CVE-2025-8253 - Code-Projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 03:15:00 GMT

CVE-2025-8251 - Code-projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 02:15:00 GMT

CVE-2022-50237 - Apache Ed25519-Dalek RSA Private Key Extraction Vulnerability

Mon, 28 Jul 2025 02:15:00 GMT

CVE-2023-53158 - Apache Gix Command Execution Vulnerability

Mon, 28 Jul 2025 01:15:00 GMT

CVE-2025-8248 - Code-projects Online Ordering System SQL Injection Vulnerability

Mon, 28 Jul 2025 01:15:00 GMT

CVE-2025-8249 - Apache Code-projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 01:15:00 GMT

CVE-2025-8250 - Code-Projects Exam Form Submission SQL Injection Vulnerability

Mon, 28 Jul 2025 01:15:00 GMT

CVE-2023-53157 - Rosenpass Crate Denial of Service Vulnerability

Mon, 28 Jul 2025 00:15:00 GMT

CVE-2025-8247 - Projectworlds Online Admission System SQL Injection Vulnerability

Mon, 28 Jul 2025 00:15:00 GMT

CVE-2025-8246 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Sun, 27 Jul 2025 23:15:00 GMT

Data breach at Orange

Fri Jul 25 2025 02:00:00 GMT+0200 (Central European Summer Time)

Cybermalveillance.gouv.fr issues an AlerteCyber concerning two critical security flaws in Microsoft SharePoint

Thu, 24 Jul 2025 10:20:00 GMT

CRA: ANSSI encourages the involvement of conformity assessment bodies

Thu, 24 Jul 2025 07:37:00 GMT

CVE-2025-54365 - Fastapi-Guard Regular Expression ReDoS Bypass

Wed, 23 Jul 2025 23:15:00 GMT

CVE-2016-15044 - Kaltura Remote Code Execution Vulnerability

Wed, 23 Jul 2025 22:15:00 GMT

CVE-2025-32019 - Harbor Cross-Site Scripting (XSS) Vulnerability

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-47281 - Kyverno JMESPath Variable Substitution Denial of Service

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-53537 - LibHTP HTTP Protocol Parsing Memory Leak Vulnerability

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-53942 - Authentik OAuth/SAML Deactivated User Partial Access Vulnerability

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-54371 - Apache Struts Remote Code Execution

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-54377 - Roo Code Multi-Line Command Injection Vulnerability

Wed, 23 Jul 2025 21:15:00 GMT

CVE-2025-44109 - Pinokio URL Redirection Vulnerability

Wed, 23 Jul 2025 20:15:00 GMT

CVE-2025-8058 - GNU C Library Regcomp Double Free Vulnerability

Wed, 23 Jul 2025 20:15:00 GMT

CVE-2025-46686 - Redis Memory Allocation Vulnerability

Wed, 23 Jul 2025 19:15:00 GMT

CVE-2025-47187 - Mitel SIP Phones File Upload Vulnerability

Wed, 23 Jul 2025 19:15:00 GMT

CVE-2025-50477 - Lbry-Desktop URL Redirection Vulnerability

Wed, 23 Jul 2025 19:15:00 GMT

CVE-2025-4439 - GitLab Cross-Site Scripting (XSS)

Wed, 23 Jul 2025 18:15:00 GMT

CVE-2025-4700 - GitLab CE/EE Cross-Site Scripting Vulnerability

Wed, 23 Jul 2025 18:15:00 GMT

CVE-2025-2633 - NI LabVIEW Out-of-Bounds Read Arbitrary Code Execution

Wed, 23 Jul 2025 16:15:00 GMT

CVE-2025-2634 - NI LabVIEW Fontmgr Out-of-Bounds Read Vulnerability

Wed, 23 Jul 2025 16:15:00 GMT

CVE-2025-46171 - vBulletin Denial-of-Service Vulnerability

Wed, 23 Jul 2025 16:15:00 GMT

CVE-2025-50481 - Mezzanine CMS XSS Vulnerability

Wed, 23 Jul 2025 16:15:00 GMT

CVE-2025-8069 - AWS Client VPN Windows OpenSSL Configuration File Execution

Wed, 23 Jul 2025 16:15:00 GMT

CVE-2025-36117 - IBM Db2 Mirror for i Session ID Impersonation Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-40596 - SMA100 Series Web Interface Stack-based Buffer Overflow Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-40597 - D-Link SMA100 Series Heap-based Buffer Overflow Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-40598 - HPE SMA100 Series Reflected Cross-Site Scripting (XSS)

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-6018 - Linux PAM pam-config Local Privilege Escalation

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-36116 - IBM Db2 Mirror for i Cross-Site WebSocket Hijacking Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-33020 - IBM Engineering Systems Design Rhapsody Unencrypted Sensitive Information Disclosure

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-33076 - IBM Engineering Systems Design Rhapsody Buffer Overflow Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

CVE-2025-33077 - IBM Engineering Systems Design Rhapsody Stack-Based Buffer Overflow Vulnerability

Wed, 23 Jul 2025 15:15:00 GMT

AlerteCyber: Critical security flaws in Microsoft SharePoint

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2022-4978 - Steppschuh Remote Control Server UDP Keystroke Injection RCE

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2025-40599 - SonicWall SMA Arbitrary File Upload Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2025-46099 - Pluck CMS Remote Code Execution Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2025-54090 - Apache HTTP Server Rewrite Condition Evaluation Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2015-10141 - Xdebug OS Command Injection

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2016-15045 - Deepin lastore-daemon D-Bus Privilege Escalation Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2017-20198 - Apache DC/OS Docker Container Escalation

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2018-25113 - Dicoogle PACS Web Server Path Traversal Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2018-25114 - Apache osCommerce Remote Code Execution Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2010-10012 - Apache HTTP Server Path Traversal Vulnerability

Wed, 23 Jul 2025 14:15:00 GMT

CVE-2025-4411 - Dataprom Informatics PACS-ACSS Cross-Site Scripting (XSS)

Wed, 23 Jul 2025 13:15:00 GMT

CVE-2025-50127 - Joomla DJ-Flyer SQL Injection Vulnerability

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-54294 - Komento SQL Injection Vulnerability

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-54295 - Joomla DJ-Reviews Reflected Cross-Site Scripting (XSS)

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-54296 - Joomla ProFiles Stored XSS

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-54297 - Joomla CComment Stored XSS

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2024-12310 - Imprivata Enterprise Access Management Windows Autologon Keyboard Shortcut Bypass

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2024-40682 - IBM SmartCloud Analytics Log Analysis Input Validation Denial of Service

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2024-40686 - IBM SmartCloud Analytics - Log Analysis HTTP Header Injection Vulnerability

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2024-41750 - IBM SmartCloud Analytics Log Analysis Authentication Bypass Vulnerability

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2024-41751 - IBM SmartCloud Analytics Log Analysis Bypass Security Vulnerability

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-4296 - HotelRunner B2B Open Redirect

Wed, 23 Jul 2025 12:15:00 GMT

CVE-2025-27930 - Zohocorp ManageEngine Applications Manager Stored Cross-Site Scripting

Wed, 23 Jul 2025 11:15:00 GMT

CVE-2025-53882 - OpenSUSE Mailman3 Logrotate Untrusted Input Escalation

Wed, 23 Jul 2025 10:15:00 GMT

CVE-2025-41687 - Cisco u-link Management API Stack Buffer Overflow Vulnerability

Wed, 23 Jul 2025 09:15:00 GMT

CVE-2025-41683 - Apache Device Command Injection Vulnerability

Wed, 23 Jul 2025 09:15:00 GMT

CVE-2025-41684 - Apache IoT Command Injection Vulnerability

Wed, 23 Jul 2025 09:15:00 GMT

CVE-2025-8070 - ABP AES Unquoted Service Path Privilege Escalation Vulnerability

Wed, 23 Jul 2025 08:15:00 GMT

CVE-2025-31700 - Dahua Network Device Buffer Overflow Vulnerability

Wed, 23 Jul 2025 07:15:00 GMT

CVE-2025-31701 - Dahua Network Device Buffer Overflow Vulnerability

Wed, 23 Jul 2025 07:15:00 GMT

CVE-2025-54452 - Samsung MagicINFO 9 Server Authentication Bypass

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54453 - Samsung MagicINFO 9 Server Path Traversal Code Injection

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54454 - Samsung Electronics MagicINFO 9 Server Hard-coded Credentials Authentication Bypass Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54455 - Samsung MagicINFO 9 Server Hard-coded Credentials Authentication Bypass

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-6174 - Qwizcards WordPress Plugin Reflected Cross-Site Scripting

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54451 - Samsung Electronics MagicINFO 9 Server Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54439 - Samsung Electronics MagicINFO 9 Server File Upload Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54440 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54441 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54442 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54443 - Samsung MagicINFO 9 Server Path Traversal Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54444 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54445 - Samsung MagicINFO 9 Server XML External Entity Reference SSRF

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54446 - Samsung MagicINFO 9 Server Path Traversal

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54447 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54448 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54449 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54450 - Samsung MagicINFO 9 Server Path Traversal Code Injection Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-54438 - Samsung MagicINFO 9 Server Path Traversal Vulnerability

Wed, 23 Jul 2025 06:15:00 GMT

CVE-2025-8020 - Private-IP SSRF

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2025-8021 - Files-Bucket-Server Directory Traversal

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2025-8022 - Bun OS Command Injection Vulnerability

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2024-53287 - Synology Router Manager SRM Cross-site Scripting Vulnerability

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2024-53288 - Synology Router Manager SRM Cross-site Scripting Vulnerability

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2025-43881 - Real-time Bus Tracking System Denial of Service

Wed, 23 Jul 2025 05:15:00 GMT

CVE-2025-42947 - SAP FICA ODN Framework Remote Code Execution

Wed, 23 Jul 2025 04:15:00 GMT

CVE-2025-5753 - WordPress Valuation Calculator Stored Cross-Site Scripting Vulnerability

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-5818 - Unsplash WordPress Plugin SSRF Vulnerability

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-6054 - YANewsflash WordPress CSRF

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-6190 - Realty Portal – Agent WordPress Privilege Escalation

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-6214 - Omnishop for WordPress CSRF Vulnerability

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-6215 - Omnishop Plugin for WordPress Unauthenticated User Registration Bypass

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-6261 - Fleetwire Fleet Management WordPress Stored Cross-Site Scripting

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-7722 - WordPress Social Streams Privilege Escalation Vulnerability

Wed, 23 Jul 2025 03:15:00 GMT

CVE-2025-8060 - Tenda AC23 HTTPd Stack-Based Buffer Overflow

Wed, 23 Jul 2025 02:15:00 GMT

CVE-2025-54120 - PCL CE Unintended Login Credential Logging

Wed, 23 Jul 2025 01:15:00 GMT

CVE-2025-43483 - Poly Clariti Manager Cryptographic Key Disclosure Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43484 - Poly Clariti Manager Cross-Site Scripting (XSS)

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43485 - Poly Clariti Manager Information Disclosure Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43486 - Poly Clariti Manager Stored Cross-Site Scripting Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43487 - Poly Clariti Manager Sudo Privilege Escalation Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43488 - Poly Clariti Manager XSS Bypass

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43489 - Poly Clariti Manager Deserialization Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-54139 - HAX CMS Clickjacking Vulnerability

Wed, 23 Jul 2025 00:15:00 GMT

CVE-2025-43020 - Poly Clariti Manager Command Injection

Tue, 22 Jul 2025 23:15:00 GMT

CVE-2025-43021 - Poly Clariti Manager Default Password Disclosure Vulnerability

Tue, 22 Jul 2025 23:15:00 GMT

CVE-2025-43022 - Poly Clariti Manager SQL Injection Vulnerability

Tue, 22 Jul 2025 23:15:00 GMT

CVE-2025-7766 - Lantronix Provisioning Manager XML External Entity Injection RCE

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-8010 - Google Chrome V8 Type Confusion Heap Corruption

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-8011 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-41425 - DuraComm SPM-500 Cross-Site Scripting (XSS) Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-48733 - DuraComm SPM-500 Authentication Bypass

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-53538 - Suricata HTTP2 Data Stream 0 Memory Corruption Vulnerability

any any (frame:http2.hdr; byte_test:1,=,0,3; byte_test:4,=,0,5; sid: 1;) where the first byte test tests the HTTP2 frame type DATA and the second tests the stream id 0. This is fixed in versions 7.0.11 and 8.0.0.

Severity: 7.5 | HIGH

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-53703 - DuraComm SPM-500 Data Transmission Without Encryption Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-54072 - Yt-dlp Windows Remote Code Execution Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-54137 - HAX CMS NodeJS Hardcoded Credentials and Private Keys Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-54138 - LibreNMS Remote File Inclusion Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-54140 - pyLoad Path Traversal Remote Code Execution Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-54141 - ViewVC Filesystem Exposure Vulnerability

Tue, 22 Jul 2025 22:15:00 GMT

CVE-2025-8043 - Firefox URL Truncation Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8044 - Mozilla Firefox Memory Corruption Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8030 - Mozilla Firefox/Thunderbird Cross-Site Scripting (XSS)

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8031 - Mozilla Firefox and Thunderbird HTTP Basic Authentication Credential Leak Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8032 - Mozilla Firefox/Thunderbird XSLT Document Loading CSP Bypass

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8033 - Mozilla Firefox/Thunderbird Null Pointer Dereference in JavaScript Engine

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8034 - Mozilla Firefox and Thunderbird Memory Corruption Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8035 - Mozilla Firefox/Thunderbird Memory Corruption Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8036 - Thunderbird CORS Preloading DNS Rebinding

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8037 - Mozilla Cookie Secure Bypass

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8038 - Thunderbird Frame Navigation Path Validation Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8039 - Firefox/Thunderbird URL Bar Search Term Persistence Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-8040 - Mozilla Firefox and Thunderbird Memory Corruption Vulnerability

Tue, 22 Jul 2025 21:15:00 GMT

CVE-2025-31511 - AlertEnterprise Guardian Bypass Manager Approval Vulnerability

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-31512 - AlertEnterprise Guardian Approval Bypass Vulnerability

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-31513 - AlertEnterprise Guardian Privilege Escalation Vulnerability

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-51458 - Eosphoros-ai DB-GPT SQL Injection

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-51472 - TransformerOptimus SuperAGI Code Injection Vulnerability

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-51475 - SuperAGI File Overwrite Vulnerability

Tue, 22 Jul 2025 20:15:00 GMT

CVE-2025-51459 - Eosphoros-ai DB-GPT File Upload RCE

Tue, 22 Jul 2025 19:15:00 GMT

CVE-2025-51471 - Ollama Cross-Domain Token Exposure Information Disclosure

Tue, 22 Jul 2025 19:15:00 GMT

CVE-2025-51479 - Onyx Enterprise Edition Authorization Bypass Vulnerability

Tue, 22 Jul 2025 19:15:00 GMT

CVE-2024-38335 - IBM Security QRadar Network Threat Analytics Resource Allocation DoS Vulnerability

Tue, 22 Jul 2025 18:15:00 GMT

CVE-2025-48964 - Iputils Ping Denial of Service (Integer Overflow)

Tue, 22 Jul 2025 18:15:00 GMT

CVE-2025-51464 - Aimhubio Aim XSS

Tue, 22 Jul 2025 18:15:00 GMT

CVE-2025-51481 - Dagster Grpc Local File Inclusion Vulnerability

Tue, 22 Jul 2025 17:15:00 GMT

CVE-2025-51482 - Letta AI Remote Code Execution

Tue, 22 Jul 2025 17:15:00 GMT

CVE-2025-6523 - Devolutions Server Weak Emergency Code Brute Force

Tue, 22 Jul 2025 17:15:00 GMT

CVE-2025-6741 - Devolutions Server Secure Message Component Unauthorized Access Stealing Vulnerability

Tue, 22 Jul 2025 17:15:00 GMT

CVE-2025-36512 - Bloomberg Comdb2 Denial of Service

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-36520 - Bloomberg Comdb2 Denial of Service (Null Pointer Dereference)

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-46354 - Bloomberg Comdb2 Denial of Service Vulnerability

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-48498 - Bloomberg Comdb2 Distributed Transaction Null Pointer Dereference Denial of Service

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-51463 - AIM Path Traversal Vulnerability

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-51480 - ONNX Path Traversal Vulnerability

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-5042 - Autodesk Revit Out-of-Bounds Read Vulnerability

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-7371 - Okta On-Premises Provisioning (OPP) Password Reset Information Disclosure

=2.2.1 and 2.3.0, and User account has had an administrator-initiated password reset while using the affected versions.

Severity: 6.8 | MEDIUM

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-8019 - Libituo Technology LBT-T300-T310 CGI Buffer Overflow Vulnerability

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-35966 - Bloomberg Comdb2 Denial of Service Null Pointer Dereference

Tue, 22 Jul 2025 16:15:00 GMT

CVE-2025-51859 - Chaindesk Agent Chat Stored XSS

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51860 - TelegAI Stored Cross-Site Scripting (XSS)

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51862 - TelegAI Chat IDOR and Stored XSS Vulnerability

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51863 - ChatGPTUnli Cross-Site Scripting (XSS)

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51864 - AIBOX LLM Chat Reflected XSS

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51865 - Allenai Ai2 Playground Web Service IDOR

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-8015 - WordPress Shortcodes Ultimate Stored Cross-Site Scripting

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-8018 - Code-projects Food Ordering Review System SQL Injection Vulnerability

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-4878 - A vulnerability was found in libssh, where an unin

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2025-51858 - Self Cross-Site Scripting (XSS) vulnerability in C

Tue, 22 Jul 2025 15:15:00 GMT

CVE-2015-10140 - The Ajax Load More plugin before 2.8.1.2 does not

Tue, 22 Jul 2025 14:15:00 GMT

CVE-2025-4294 - Improper Neutralization of Input During Web Page G

Tue, 22 Jul 2025 14:15:00 GMT

CVE-2025-4295 - Improper Validation of Certificate with Host Misma

Tue, 22 Jul 2025 14:15:00 GMT

CVE-2025-51867 - Insecure Direct Object Reference (IDOR) vulnerabil

Tue, 22 Jul 2025 14:15:00 GMT

CVE-2025-8017 - A vulnerability was found in Tenda AC7 15.03.06.44

Tue, 22 Jul 2025 14:15:00 GMT

CVE-2025-34140 - An authorization bypass vulnerability exists in ET

Tue, 22 Jul 2025 13:15:00 GMT

CVE-2025-34141 - A reflected cross-site scripting (XSS) vulnerabili

Tue, 22 Jul 2025 13:15:00 GMT

CVE-2025-34142 - An XML External Entity (XXE) injection vulnerabili

Tue, 22 Jul 2025 13:15:00 GMT

CVE-2025-34143 - An authentication bypass vulnerability exists in E

Tue, 22 Jul 2025 13:15:00 GMT

CVE-2025-4284 - Improper Neutralization of Input During Web Page G

Tue, 22 Jul 2025 12:15:00 GMT

CVE-2025-4285 - Improper Neutralization of Special Elements used i

Tue, 22 Jul 2025 12:15:00 GMT

CVE-2025-7705 - Active Debug Code vulnerability in ABB Switch Ac

Tue, 22 Jul 2025 12:15:00 GMT

CVE-2025-7899 - The powermail extension for TYPO3 allows Insecure

Tue, 22 Jul 2025 11:15:00 GMT

CVE-2025-7900 - The femanager extension for TYPO3 allows Insecure

Tue, 22 Jul 2025 11:15:00 GMT

CVE-2025-46267 - Hidden functionality issue exists in WRC-BE36QS-B

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-53472 - WRC-BE36QS-B and WRC-W701-B contain an improper ne

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-6082 - The Birth Chart Compatibility plugin for WordPress

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-6187 - The bSecure plugin for WordPress is vulnerable to

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-6213 - The Nginx Cache Purge Preload plugin for WordPress

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-7427 - Uncontrolled Search Path Element in Arm Developmen

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-7685 - The Like Share My Site plugin for WordPress is v

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-7687 - The Latest Post Accordian Slider plugin for WordPr

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-7692 - The Orion Login with SMS plugin for WordPress is v

Tue, 22 Jul 2025 10:15:00 GMT

CVE-2025-38352 - Linux Kernel POSIX CPU Timers Race Condition Vulnerability

it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.

Severity: 0.0 | NA

Tue, 22 Jul 2025 08:15:00 GMT

CVE-2025-7645 - WordPress Contact Form 7 Extensions File Deletion Vulnerability

Tue, 22 Jul 2025 07:15:00 GMT

CVE-2025-52580 - Region PAY App for Android Information Exposure

Tue, 22 Jul 2025 05:15:00 GMT

CVE-2025-6585 - WordPress JobHunt Insecure Direct Object Reference

Tue, 22 Jul 2025 05:15:00 GMT

CVE-2025-7495 - WordPress WP-Members Membership Plugin Stored Cross-Site Scripting Vulnerability

Tue, 22 Jul 2025 05:15:00 GMT

CVE-2025-7644 - Elementor Pixel Gallery Stored Cross-Site Scripting

Tue, 22 Jul 2025 05:15:00 GMT

CVE-2025-7953 - Sanluan PublicCMS Open Redirect Vulnerability

Tue, 22 Jul 2025 04:15:00 GMT

CVE-2025-54362 - Apache HTTP Server Remote Code Execution

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-7950 - Code-projects Public Chat Room SQL Injection Vulnerability

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-7951 - Code-projects Public Chat Room Cross-Site Scripting Vulnerability

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-7952 - TOTOLINK T6 Command Injection Vulnerability

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-54357 - Rejected reason: Not used

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-54358 - Rejected reason: Not used

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-54359 - Rejected reason: Not used

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-54360 - Rejected reason: Not used

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-54361 - Rejected reason: Not used

Tue, 22 Jul 2025 03:15:00 GMT

CVE-2025-7945 - A vulnerability was found in D-Link DIR-513 up to

Tue, 22 Jul 2025 00:15:00 GMT

Data breach at France Travail

Tue Jul 22 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-7486 - The Ebook Store plugin for WordPress is vulnerable

Mon, 21 Jul 2025 23:15:00 GMT

CVE-2025-7943 - A vulnerability was found in PHPGurukul Taxi Stand

Mon, 21 Jul 2025 23:15:00 GMT

CVE-2025-7944 - A vulnerability was found in PHPGurukul Taxi Stand

Mon, 21 Jul 2025 23:15:00 GMT

CVE-2025-7941 - A vulnerability, which was classified as problemat

Mon, 21 Jul 2025 22:15:00 GMT

CVE-2025-7942 - A vulnerability has been found in PHPGurukul Taxi

Mon, 21 Jul 2025 22:15:00 GMT

CVE-2025-53528 - Cadwyn creates production-ready community-driven m

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-53832 - Lara Translate MCP Server is a Model Context Proto

, &&, etc.). This vulnerability is fixed in version 0.0.12.

Severity: 7.5 | HIGH

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-54122 - Manager-io/Manager is accounting software. A criti

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-54127 - HAXcms with nodejs backend allows users to start t

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-54128 - HAX CMS NodeJs allows users to manage their micros

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-54129 - HAXiam is a packaging wrapper for HAXcms which all

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-54134 - HAX CMS NodeJs allows users to manage their micros

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-7939 - A vulnerability was found in jerryshensjf JPACooki

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-7940 - A vulnerability was found in Genshin Albedo Cat Ho

Mon, 21 Jul 2025 21:15:00 GMT

CVE-2025-7318 - IrfanView CADImage Plugin DWG File Parsing Memory

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7319 - IrfanView CADImage Plugin DWG File Parsing Out-Of-

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7320 - IrfanView CADImage Plugin DXF File Parsing Memory

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7321 - IrfanView CADImage Plugin DWG File Parsing Memory

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7322 - IrfanView CADImage Plugin DWG File Parsing Out-Of-

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7323 - IrfanView CADImage Plugin DWG File Parsing Memory

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7324 - IrfanView CADImage Plugin DXF File Parsing Out-Of-

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7325 - IrfanView CADImage Plugin DXF File Parsing Memory

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7936 - A vulnerability has been found in fuyang_lipengjun

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-7938 - A vulnerability was found in jerryshensjf JPACooki

Mon, 21 Jul 2025 20:15:00 GMT

CVE-2025-4049 - Signum-Net FARA SQLite Hard-Coded Credentials Vulnerability

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-4569 - ASUS MyASUS Token Stealing Vulnerability

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-4570 - MyASUS Token Stealing Vulnerability

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-4685 - Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor WordPress Stored Cross-Site Scripting Vulnerability

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-7354 - WordPress Shortcodes Ultimate Stored Cross-Site Scripting

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-7369 - WordPress Shortcodes Ultimate CSRF and XSS

Mon, 21 Jul 2025 08:15:00 GMT

CVE-2025-0664 - OpenSSL Privileged Library Loading Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-24936 - Apache Web Server Remote Command Execution Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-24937 - Apache Web Server Remote File Inclusion Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-24938 - Apache Web Server Command Injection Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7343 - Digiwin SFT SQL Injection

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7344 - Digiwin EAI Privilege Escalation Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7919 - Simopro Technology WinMatrix3 Web SQL Injection Vulnerability

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7920 - Simopro Technology WinMatrix3 Web Package Reflected Cross-site Scripting

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7921 - Askey Modem Stack-Based Buffer Overflow

Mon, 21 Jul 2025 07:15:00 GMT

CVE-2025-7916 - Simopro Technology WinMatrix3 Insecure Deserialization Vulnerability

Mon, 21 Jul 2025 06:15:00 GMT

CVE-2025-7917 - Simopro Technology WinMatrix3 Arbitrary File Upload Vulnerability (Remote Code Execution)

Mon, 21 Jul 2025 06:15:00 GMT

CVE-2025-7918 - Simopro Technology WinMatrix3 Web SQL Injection Vulnerability

Mon, 21 Jul 2025 06:15:00 GMT

CVE-2025-54352 - WordPress Pingback Title Guessing Vulnerability

Mon, 21 Jul 2025 05:15:00 GMT

CVE-2025-7914 - Tenda AC6 HTTPd Buffer Overflow Vulnerability

Mon, 21 Jul 2025 01:15:00 GMT

CVE-2025-7915 - Chanjet CRM SQL Injection Vulnerability

Mon, 21 Jul 2025 01:15:00 GMT

CVE-2025-7913 - TOTOLINK T6 MQTT Service Buffer Overflow Vulnerability

Mon, 21 Jul 2025 00:15:00 GMT

CVE-2025-53771 - Microsoft Office SharePoint Path Traversal Spoofing

Sun, 20 Jul 2025 23:15:00 GMT

CVE-2025-7911 - D-Link DI-8100 Stack-Based Buffer Overflow Vulnerability

Sun, 20 Jul 2025 23:15:00 GMT

CVE-2025-7912 - TOTOLINK MQTT Service Buffer Overflow Vulnerability

Sun, 20 Jul 2025 23:15:00 GMT

CVE-2025-7909 - D-Link DIR-513 Boa Webserver Stack-Based Buffer Overflow

Sun, 20 Jul 2025 22:15:00 GMT

CVE-2025-7910 - D-Link DIR-513 Boa Webserver Stack-Based Buffer Overflow

Sun, 20 Jul 2025 22:15:00 GMT

CVE-2025-54319 - Westermo WeOS Information Disclosure

Sun, 20 Jul 2025 21:15:00 GMT

CVE-2025-7907 - Yangzongzhuan RuoYi Default Credential Vulnerability (Druid)

Sun, 20 Jul 2025 21:15:00 GMT

CVE-2025-7908 - D-Link DI-8100 Jhttpd sprintf Stack-Based Buffer Overflow

Sun, 20 Jul 2025 21:15:00 GMT

CVE-2025-7906 - Yangzongzhuan RuoYi Unrestricted File Upload Vulnerability

Sun, 20 Jul 2025 20:15:00 GMT

CVE-2025-47917 - Mbed TLS Use-After-Free Vulnerability

Sun, 20 Jul 2025 19:15:00 GMT

CVE-2025-49087 - Mbed TLS Block Cipher Padding Timing Attack

Sun, 20 Jul 2025 19:15:00 GMT

CVE-2025-54316 - Logpoint Jinja Template XSS Vulnerability

Sun, 20 Jul 2025 19:15:00 GMT

CVE-2025-54317 - Logpoint Path Traversal Remote Code Execution Vulnerability

Sun, 20 Jul 2025 19:15:00 GMT

CVE-2025-7905 - Itsourcecode Insurance Management System SQL Injection Vulnerability

Sun, 20 Jul 2025 19:15:00 GMT

CVE-2025-48965 - Mbed TLS NULL Pointer Dereference Vulnerability

Sun, 20 Jul 2025 18:15:00 GMT

CVE-2025-7903 - Yangzongzhuan RuoYi Image Source Handler UI Layer Restriction Vulnerability

Sun, 20 Jul 2025 17:15:00 GMT

CVE-2025-7904 - iSourcecode Insurance Management System SQL Injection Vulnerability

Sun, 20 Jul 2025 17:15:00 GMT

CVE-2025-7902 - Yangzongzhuan RuoYi Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 16:15:00 GMT

CVE-2025-7898 - Codecanyon iDentSoft File Upload Vulnerability

Sun, 20 Jul 2025 16:15:00 GMT

CVE-2025-7901 - RuoYi Swagger UI Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 16:15:00 GMT

CVE-2025-7896 - Harry0703 MoneyPrinterTurbo Remote Path Traversal Vulnerability

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-7897 - Harry0703 MoneyPrinterTurbo API Endpoint Missing Authentication Vulnerability

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-46385 - Apache HTTP Server SSRF

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-7895 - Harry0703 MoneyPrinterTurbo Unrestricted File Upload Vulnerability

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-46382 - Apache HTTP Server Information Disclosure

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-46383 - Apache Web Server Cross-Site Scripting

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-46384 - Apache Struts File Upload Vulnerability

Sun, 20 Jul 2025 15:15:00 GMT

CVE-2025-7894 - Onyx Chat Interface SQL Injection Vulnerability

Sun, 20 Jul 2025 14:15:00 GMT

CVE-2025-7892 - IDnow App AndroidManifest.xml Improper Export of Android Application Components Vulnerability

Sun, 20 Jul 2025 14:15:00 GMT

CVE-2025-7893 - Foresight News App Android Improper Android Application Component Export

Sun, 20 Jul 2025 14:15:00 GMT

CVE-2025-7889 - CallApp Caller ID App Android Component Export Vulnerability

Sun, 20 Jul 2025 13:15:00 GMT

CVE-2025-7890 - Dunamu StockPlus App Android AndroidManifest.xml Component Export Weakness

Sun, 20 Jul 2025 13:15:00 GMT

CVE-2025-7891 - InstantBits Web Video Cast App Android Application Component Export Vulnerability

Sun, 20 Jul 2025 13:15:00 GMT

CVE-2025-7885 - Huashengdun WebSSH Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 12:15:00 GMT

CVE-2025-7886 - pmTicket Project-Management-Software SQL Injection Vulnerability

Sun, 20 Jul 2025 12:15:00 GMT

CVE-2025-7887 - Zavy86 WikiDocs Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 12:15:00 GMT

CVE-2025-7888 - TDuckCloud tduck-platform SQL Injection Vulnerability

Sun, 20 Jul 2025 12:15:00 GMT

CVE-2025-7883 - Eluktronics Control Center PowerShell Script Handler Command Injection Vulnerability

Sun, 20 Jul 2025 11:15:00 GMT

CVE-2025-7884 - "Eluktronics Control Center REG File Handler Authentication Bypass"

Sun, 20 Jul 2025 11:15:00 GMT

CVE-2025-7882 - Mercusys MW301R Authentication Bypass Vulnerability

Sun, 20 Jul 2025 11:15:00 GMT

CVE-2025-7880 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

Sun, 20 Jul 2025 10:15:00 GMT

CVE-2025-7881 - Mercusys MW301R Remote Weak Password Recovery Vulnerability

Sun, 20 Jul 2025 10:15:00 GMT

CVE-2025-7878 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

Sun, 20 Jul 2025 09:15:00 GMT

CVE-2025-7879 - Metasoft MetaCRM Remote File Upload Vulnerability

Sun, 20 Jul 2025 09:15:00 GMT

CVE-2025-7875 - Metasoft MetaCRM Remote Authentication Bypass Vulnerability

Sun, 20 Jul 2025 08:15:00 GMT

CVE-2025-7876 - Metasoft MetaCRM Remote Deserialization Vulnerability

Sun, 20 Jul 2025 08:15:00 GMT

CVE-2025-7877 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

Sun, 20 Jul 2025 08:15:00 GMT

CVE-2025-7872 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 07:15:00 GMT

CVE-2025-7873 - Metasoft MetaCRM Critical SQL Injection in mcc_login.jsp

Sun, 20 Jul 2025 07:15:00 GMT

CVE-2025-7874 - Metasoft MetaCRM Remote Information Disclosure in /env.jsp

Sun, 20 Jul 2025 07:15:00 GMT

CVE-2025-7870 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 06:15:00 GMT

CVE-2025-7871 - Portabilis i-Diario Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 06:15:00 GMT

CVE-2025-7867 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 05:15:00 GMT

CVE-2025-7868 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Calendar Module

Sun, 20 Jul 2025 05:15:00 GMT

CVE-2025-7869 - Portabilis i-Educar Turma Module Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 05:15:00 GMT

CVE-2025-7865 - JeeSite XSS Filter Remote Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 04:15:00 GMT

CVE-2025-7866 - Portabilis i-Educar Cross-Site Scripting in Disabilities Module

Sun, 20 Jul 2025 04:15:00 GMT

CVE-2025-7864 - "Thinkgem JeeSite Unrestricted File Upload Vulnerability"

Sun, 20 Jul 2025 03:15:00 GMT

CVE-2025-54314 - "Thor Shell Command Injection"

Sun, 20 Jul 2025 03:15:00 GMT

CVE-2025-7862 - "TOTOLINK Telnet Service Remote Authentication Bypass"

Sun, 20 Jul 2025 03:15:00 GMT

CVE-2025-7863 - Thinkgem JeeSite Open Redirect Vulnerability

Sun, 20 Jul 2025 03:15:00 GMT

CVE-2025-53770 - Microsoft SharePoint Server Remote Code Execution Vulnerability

Sun, 20 Jul 2025 01:15:00 GMT

CVE-2025-7859 - Code-projects Church Donation System SQL Injection Vulnerability

Sun, 20 Jul 2025 01:15:00 GMT

CVE-2025-7860 - "Church Donation System SQL Injection Vulnerability"

Sun, 20 Jul 2025 01:15:00 GMT

CVE-2025-7861 - "Church Donation System SQL Injection Vulnerability"

Sun, 20 Jul 2025 01:15:00 GMT

CVE-2025-7858 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

Sun, 20 Jul 2025 00:15:00 GMT

CVE-2025-7857 - "PHPGurukul Apartment Visitors Management System Cross Site Scripting Vulnerability"

Sat, 19 Jul 2025 23:15:00 GMT

CVE-2025-7856 - PHPGurukul Apartment Visitors Management System Cross Site Scripting

Sat, 19 Jul 2025 22:15:00 GMT

CVE-2025-7855 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Sat, 19 Jul 2025 21:15:00 GMT

CVE-2025-7854 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Sat, 19 Jul 2025 21:15:00 GMT

CVE-2025-7853 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Sat, 19 Jul 2025 20:15:00 GMT

CVE-2025-7838 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

Sat, 19 Jul 2025 18:15:00 GMT

CVE-2025-7840 - Campcodes Online Movie Theater Seat Reservation System Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 18:15:00 GMT

CVE-2025-7836 - D-Link DIR-816L Environment Variable Handler Command Injection

Sat, 19 Jul 2025 17:15:00 GMT

CVE-2025-7837 - TOTOLINK T6 MQTT Service Buffer Overflow Vulnerability

Sat, 19 Jul 2025 17:15:00 GMT

CVE-2025-54313 - EsLint-Config-Prettier Malicious Code Injection

Sat, 19 Jul 2025 17:15:00 GMT

CVE-2025-7832 - Church Donation System SQL Injection Vulnerability

Sat, 19 Jul 2025 16:15:00 GMT

CVE-2025-7833 - Church Donation System SQL Injection Vulnerability

Sat, 19 Jul 2025 16:15:00 GMT

CVE-2025-7834 - PHPGurukul Complaint Management System CSRF Vulnerability

Sat, 19 Jul 2025 16:15:00 GMT

CVE-2025-7831 - "Church Donation System SQL Injection Vulnerability"

Sat, 19 Jul 2025 15:15:00 GMT

CVE-2025-7830 - "Church Donation System SQL Injection Vulnerability"

Sat, 19 Jul 2025 15:15:00 GMT

CVE-2025-7829 - Church Donation System SQL Injection Vulnerability

Sat, 19 Jul 2025 14:15:00 GMT

CVE-2025-7819 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting

Sat, 19 Jul 2025 13:15:00 GMT

CVE-2025-7823 - Jinher OA XML External Entity Reference Vulnerability

Sat, 19 Jul 2025 13:15:00 GMT

CVE-2025-7824 - Jinher OA XML External Entity Reference (XXE) Vulnerability

Sat, 19 Jul 2025 13:15:00 GMT

CVE-2025-7818 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 12:15:00 GMT

CVE-2015-10138 - "Work The Flow File Upload Plugin for WordPress Arbitrary File Upload Vulnerability"

Sat, 19 Jul 2025 12:15:00 GMT

CVE-2015-10139 - WPLMS WordPress Privilege Escalation

Sat, 19 Jul 2025 12:15:00 GMT

CVE-2025-38351 - KVM Hyper-V Canonical GVA Vulnerability

Sat, 19 Jul 2025 12:15:00 GMT

CVE-2025-7817 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting

Sat, 19 Jul 2025 12:15:00 GMT

CVE-2025-7816 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 11:15:00 GMT

CVE-2025-7815 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2015-10135 - WordPress WPshop File Upload Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2015-10136 - GI-Media Library Directory Traversal Vulnerability in WordPress

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2016-15043 - WordPress WP Mobile Detector Arbitrary File Upload Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2015-10134 - WordPress Simple Backup Arbitrary File Download Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2012-10019 - WordPress Front End Editor Arbitrary File Upload Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2015-10133 - WordPress Subscribe to Comments Local File Inclusion Vulnerability

Sat, 19 Jul 2025 10:15:00 GMT

CVE-2025-6997 - "ThemeREX Addons WordPress Stored Cross-Site Scripting"

Sat, 19 Jul 2025 09:15:00 GMT

CVE-2025-38350 - Linux Kernel HFSC Netem Blackhole Use-After-Free Vulnerability

Sat, 19 Jul 2025 07:15:00 GMT

CVE-2025-6721 - WordPress Vchasno Kasa Plugin Unauthenticated Data Access Vulnerability

Sat, 19 Jul 2025 06:15:00 GMT

CVE-2025-29757 - Growatt Cloud Service Authorization Bypass Vulnerability

Sat, 19 Jul 2025 06:15:00 GMT

CVE-2025-6720 - Vchasno Kasa Plugin WordPress Information Disclosure Vulnerability

Sat, 19 Jul 2025 06:15:00 GMT

CVE-2025-7697 - Google Sheets Integration for WordPress PHP Object Injection Vulnerability

Sat, 19 Jul 2025 05:15:00 GMT

CVE-2025-7696 - Pipedrive WordPress Plugin PHP Object Injection Vulnerability

Sat, 19 Jul 2025 05:15:00 GMT

CVE-2025-7669 - Avishi WP PayPal Payment Button CSRF Vulnerability

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-7653 - EPay.bg Payments Plugin for WordPress Stored Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-7655 - WordPress Live Stream Badger Stored Cross-Site Scripting

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-7658 - WordPress Temporarily Hidden Content Stored Cross-Site Scripting Vulnerability

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-7661 - Martinus Stored Cross-Site Scripting (XSS) in WordPress Partnerský systém

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-52924 - One Identity OneLogin SQL Injection

Sat, 19 Jul 2025 03:15:00 GMT

CVE-2025-27209 - Node.js V8 HashDoS Vulnerability

Fri, 18 Jul 2025 23:15:00 GMT

CVE-2025-27210 - Node.js Windows Path Join API Incomplete Fix Vulnerability

Fri, 18 Jul 2025 23:15:00 GMT

CVE-2025-7394 - OpenSSL wolfSSL Predictable Random Number Generation After Fork Vulnerability

Fri, 18 Jul 2025 23:15:00 GMT

CVE-2025-7395 - WolfSSL Certificate Domain Name Verification Bypass

Fri, 18 Jul 2025 23:15:00 GMT

CVE-2025-7396 - WolfSSL Curve25519 Blinding Support Vulnerability (Side-Channel Attack)

Fri, 18 Jul 2025 23:15:00 GMT

CVE-2025-7814 - Food Ordering Review System SQL Injection Vulnerability

Fri, 18 Jul 2025 22:15:00 GMT

CVE-2025-50581 - MRCMS Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 21:15:00 GMT

CVE-2025-50582 - StudentManage Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 21:15:00 GMT

CVE-2025-50583 - StudentManage Cross-Site Scripting (XSS) Vulnerability

Fri, 18 Jul 2025 21:15:00 GMT

CVE-2025-7806 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 21:15:00 GMT

CVE-2025-7807 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 21:15:00 GMT

CVE-2025-7805 - Tenda FH451 PPTP Stack Buffer Overflow

Fri, 18 Jul 2025 20:15:00 GMT

CVE-2025-7803 - Descreekert wx-discuz Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 20:15:00 GMT

CVE-2025-54310 - qBittorrent Local File Disclosure

Fri, 18 Jul 2025 20:15:00 GMT

CVE-2025-50584 - StudentManage XSS Vulnerability in Add A New Teacher Module

Fri, 18 Jul 2025 20:15:00 GMT

CVE-2025-50708 - Perplexity AI GPT-4 Information Disclosure

Fri, 18 Jul 2025 20:15:00 GMT

CVE-2025-7800 - "CGPandey Hotelmis HTTP GET Request Handler Cross-Site Scripting Vulnerability"

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-7801 - BossSoft CRM SQL Injection Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-7802 - PHPGurukul Complaint Management System Cross Site Scripting Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-33014 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting (XSS) Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-50585 - StudentManage SQL Injection Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-52163 - Agorum Core Agorum Software GmbH SSRF

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-52169 - Agorum Core Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-54309 - CrushFTP Remote Admin Access Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-7798 - Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System SQL Injection Vulnerability

Fri, 18 Jul 2025 19:15:00 GMT

CVE-2025-52168 - Agorum Software GmbH Agorum Core File Access Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-53901 - Wasmtime WASIp1 Denial-of-Service Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-7795 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-7796 - Tenda PPTPDClient Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-7797 - GPAC Dash Client Null Pointer Dereference Remote Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-52166 - Agorum Core Privilege Escalation Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-52164 - Agorum Core Password Storage Vulnerability

Fri, 18 Jul 2025 18:15:00 GMT

CVE-2025-7783 - FormData Insufficiently Random Values HTTP Parameter Pollution

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-7792 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-7793 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-7794 - Tenda FH451 Stack-Based Buffer Overflow

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-45156 - Splashin iOS Location Spoofing Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-45157 - Splashin iOS Privilege Escalation Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-47158 - Azure DevOps Authentication Bypass

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-47995 - Azure Machine Learning Authentication Privilege Escalation

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-49746 - Azure Machine Learning Privilege Elevation Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-49747 - Azure Machine Learning Privilege Escalation

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-50586 - StudentManage CSRF

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-52162 - Agorum Software GmbH Agorum Core XXE Vulnerability

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-53762 - Microsoft Purview Privilege Escalation

Fri, 18 Jul 2025 17:15:00 GMT

CVE-2025-54078 - WeGIA Reflected Cross-Site Scripting (XSS)

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54079 - WeGIA SQL Injection Vulnerability

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-7789 - Xuxueli xxl-job Password Hashing Weakness

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-7790 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow Vulnerability

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-7791 - PHPGurukul Online Security Guards Hiring System Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-53888 - RIOT-OS L2FILTER Add Buffer Overflow

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-53945 - Apko File Permission Vulnerability (Root Escalation)

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54059 - Melange SBOM Generation Permissions Vulnerability

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54073 - Microsoft MCP Package Docs Command Injection Vulnerability

`, `&&`, etc.). Commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 in version 0.1.27 contains a fix for the issue, but upgrading to 0.1.28 is recommended. Severity: 7.5 | HIGH

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54075 - Nuxtjs MDC Stored Cross-Site Scripting (Remote Script-Inclusion)

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54076 - WeGIA Reflected Cross-Site Scripting (XSS)

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-54077 - WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 18 Jul 2025 16:15:00 GMT

CVE-2025-46000 - Apache Filemanager SVG File Upload RCE

Fri, 18 Jul 2025 15:15:00 GMT

CVE-2025-46732 - OpenCTI IDOR Notification Manipulation

Fri, 18 Jul 2025 15:15:00 GMT

CVE-2025-7787 - Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

Fri, 18 Jul 2025 15:15:00 GMT

CVE-2025-7788 - Xuxueli xxl-job OS Command Injection

Fri, 18 Jul 2025 15:15:00 GMT

CVE-2024-13175 - Vidco Software VOC TESTER Authorization Bypass

Fri, 18 Jul 2025 14:15:00 GMT

CVE-2025-46001 - Apache Filemanager PHP File Upload RCE

Fri, 18 Jul 2025 14:15:00 GMT

CVE-2025-46002 - Apache Filemanager Directory Traversal Vulnerability

Fri, 18 Jul 2025 14:15:00 GMT

CVE-2025-7784 - Keycloak Fine-Grained Admin Permissions Privilege Escalation Vulnerability

Fri, 18 Jul 2025 14:15:00 GMT

CVE-2025-7786 - Gnuboard Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 14:15:00 GMT

CVE-2025-6227 - Mattermost Auth Token Interception Vulnerability

Fri, 18 Jul 2025 12:15:00 GMT

CVE-2025-7785 - JeeSite Open Redirect Vulnerability

Fri, 18 Jul 2025 12:15:00 GMT

CVE-2025-50126 - Joomla RSBlog! Stored XSS Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-6233 - Mattermost File Attachment Path Traversal Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-2425 - ESET Security Software TOCTTOU File Truncation Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-49484 - Joomla JS Jobs SQL Injection

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-49485 - Balbooa Forms SQL Injection Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-49486 - Balbooa Gallery Joomla Stored XSS

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-50056 - Joomla RSMail Reflected Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-50057 - RSFiles! Denial of Service (DOS) Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-50058 - Joomla RSDirectory! Stored XSS Vulnerability

Fri, 18 Jul 2025 10:15:00 GMT

CVE-2025-6226 - Mattermost Authorization Bypass Vulnerability

Fri, 18 Jul 2025 09:15:00 GMT

CVE-2025-7444 - "LoginPress Pro WordPress Authentication Bypass Vulnerability"

Fri, 18 Jul 2025 09:15:00 GMT

CVE-2025-38349 - Linux Kernel Epoll Use-After-Free Vulnerability

mtx); afterwards. That's very wrong, because it can lead to a use-after-free.

That pattern is actually fine for the very last reference, because the code in question will delay the actual call to "ep_free(ep)" until after it has unlocked the mutex. But it's wrong for the much subtler "next to last" case when somebody *else* may also be dropping their reference and free the ep while we're still using the mutex.

Note that this is true even if that other user is also using the same ep mutex: mutexes, unlike spinlocks, can not be used for object ownership, even if they guarantee mutual exclusion. A mutex "unlock" operation is not atomic, and as one user is still accessing the mutex as part of unlocking it, another user can come in and get the now released mutex and free the data structure while the first user is still cleaning up.

See our mutex documentation in Documentation/locking/mutex-design.rst, in particular the section [1] about semantics: "mutex_unlock() may access the mutex structure even after it has internally released the lock already - so it's not safe for another context to acquire the mutex and assume that the mutex_unlock() context is not using the structure anymore"

So if we drop our ep ref before the mutex unlock, but we weren't the last one, we may then unlock the mutex, another user comes in, drops _their_ reference and releases the 'ep' as it now has no users - all while the mutex_unlock() is still accessing it.

Fix this by simply moving the ep refcount dropping to outside the mutex: the refcount itself is atomic, and doesn't need mutex protection (that's the whole _point_ of refcounts: unlike mutexes, they are inherently about object lifetimes).

Severity: 0.0 | NA

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2025-6023 - Grafana Open Redirect XSS Vulnerability

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2025-6197 - Grafana Open Redirect Vulnerability

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2024-27779 - FortiSandbox FortiIsolator Insufficient Session Expiration Vulnerability

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2024-32124 - FortiIsolator Improper Access Control Logging Vulnerability

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2025-26854 - Joomla Articles Good Search SQL Injection Vulnerability

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2025-26855 - Joomla Articles Calendar SQL Injection

Fri, 18 Jul 2025 08:15:00 GMT

CVE-2025-7438 - MasterStudy LMS Pro WordPress Arbitrary File Upload Vulnerability

Fri, 18 Jul 2025 07:15:00 GMT

CVE-2025-7772 - "WordPress Malware Removal Plugin Arbitrary File Read Vulnerability"

Fri, 18 Jul 2025 07:15:00 GMT

CVE-2025-6719 - WordPress Terms Descriptions Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-6726 - WordPress Block Editor Gallery Slider Unauthenticated Post Meta Modification Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-7643 - WordPress Attachment Manager Remote File Deletion Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-6717 - WordPress B1.lt Plugin SQL Injection Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-6718 - B1.lt WordPress SQL Injection

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-29572 - Apache Struts Remote Code Execution Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-5752 - WordPress Vertical Scroll Image Slideshow Gallery Plugin Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-5754 - WordPress Useful Tab Block Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-5767 - WooCommerce Crowdfunding Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-5800 - WordPress Testimonial Post Type Stored Cross-Site Scripting

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-5811 - Listly: WordPress Unauthenticated Transient Deletion Vulnerability

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-6222 - "WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User Wallet Arbitrary File Upload Vulnerability"

Fri, 18 Jul 2025 06:15:00 GMT

CVE-2025-6813 - Apacheaapanel WordPress Privilege Escalation Vulnerability

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-7638 - Forminator Forms SQL Injection

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-7648 - Ruven Themes WordPress Stored Cross-Site Scripting

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-7660 - Map My Locations WordPress Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-3740 - "WordPress School Management System Local File Inclusion Vulnerability"

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-5816 - "WooCommerce Pengiriman Plugin Insecure Direct Object Reference"

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-6053 - Zuppler Online Ordering for WordPress CSRF

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-6781 - Copymatic – WordPress CSRF (Cross-Site Request Forgery)

Fri, 18 Jul 2025 05:15:00 GMT

CVE-2025-7431 - WordPress Knowledge Base Stored Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 02:15:00 GMT

CVE-2025-7767 - PHPGurukul Art Gallery Management System Cross-Site Scripting Vulnerability

Fri, 18 Jul 2025 01:15:00 GMT

CVE-2025-6185 - Leviton AcquiSuite and Energy Monitoring Hub Cross-Site Scripting (XSS)

Fri, 18 Jul 2025 00:15:00 GMT

CVE-2025-7763 - Open Redirect Vulnerability in thinkgem JeeSite Site Controller/SSO

Thu, 17 Jul 2025 23:15:00 GMT

CVE-2025-7764 - Code-Projects Online Appointment Booking System SQL Injection Vulnerability

Thu, 17 Jul 2025 23:15:00 GMT

CVE-2025-7765 - Code-projects Online Appointment Booking System SQL Injection

Thu, 17 Jul 2025 23:15:00 GMT

CVE-2025-6391 - Brocade ASCG Log File Exposed JWT Vulnerability

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-7397 - Brocade ASCG CLI Command History Information Disclosure

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-7398 - Brocade ASCG Cryptographic Weakness

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-7758 - TOTOLINK T6 HTTP POST Request Handler Buffer Overflow

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-7759 - Thinkgem JeeSite UEditor Image Grabber SSRF Vulnerability

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-7762 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow

Thu, 17 Jul 2025 22:15:00 GMT

CVE-2025-23269 - NVIDIA Jetson Linux Microarchitectural Predictor State Information Disclosure

Thu, 17 Jul 2025 21:15:00 GMT

CVE-2025-7755 - Code-projects Online Ordering System Unrestricted File Upload Vulnerability

Thu, 17 Jul 2025 21:15:00 GMT

CVE-2025-7756 - Code-Projects E-Commerce Site Cross-Site Request Forgery Vulnerability

Thu, 17 Jul 2025 21:15:00 GMT

CVE-2025-7757 - PHPGurukul Land Record System SQL Injection Vulnerability

Thu, 17 Jul 2025 21:15:00 GMT

CVE-2025-7754 - Code-projects Patient Record Management System SQL Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-6231 - Lenovo Vantage Elevation of Privilege Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-6232 - Lenovo Vantage Elevation of Privilege

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-6248 - Lenovo Browser Cross-Site Scripting Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-6249 - FileZ Client Authentication Bypass

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-7433 - Sophos Intercept X for Windows Local Privilege Escalation Remote Code Execution

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-7751 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-7752 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-7753 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-53964 - GoldenDict Uncontrolled File Modification Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-6230 - Lenovo Vantage SQL Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-42209 - HCL Connections Information Disclosure Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-0886 - Elliptic Labs Virtual Lock Sensor Privilege Escalation Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-1700 - Motorola Software Fix DLL Hijacking Privilege Escalation

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-1729 - TrackPoint Quick Menu DLL Hijacking Privilege Escalation Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-23266 - NVIDIA Container Toolkit Privilege Escalation Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-23267 - NVIDIA Container Toolkit Link Following Vulnerability (Denial of Service and Data Tampering)

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-23270 - NVIDIA Jetson Linux UEFI Management Mode Information Disclosure and Execution Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-2818 - Motorola Smart Connect Bluetooth File Interception Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-3753 - ROS Robot Operating System 'rosbag' Code Execution Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2025-4657 - Lenovo Protection Driver Buffer Overflow Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-39289 - "ROS rosparam Code Execution Vulnerability"

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-39835 - ROS roslaunch Code Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-41148 - ROS rostopic Code Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-41921 - ROS "rostopic" Code Injection Vulnerability

Thu, 17 Jul 2025 20:15:00 GMT

CVE-2024-13972 - Intercept X for Windows Privilege Escalation Vulnerability

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-46102 - Beakon Learning Management System SCORM Cross Site Scripting Vulnerability

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-50240 - NBCIO-Boot SQL Injection Vulnerability

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-53816 - 7-Zip RAR5 Heap Buffer Overflow

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-53817 - 7-Zip Denial of Service Null Pointer Dereference

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-54068 - Livewire Unauthenticated Remote Command Execution Vulnerability

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-54070 - OpenZeppelin Contracts Memory Access Vulnerability

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-7472 - Intercept X for Windows Local Privilege Escalation

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-7750 - Code-projects Online Appointment Booking System SQL Injection

Thu, 17 Jul 2025 19:15:00 GMT

CVE-2025-23263 - NVIDIA DOCA-Host and Mellanox OFED VGT+ Privilege Escalation and Denial of Service Vulnerability

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-51497 - AdGuard Safari MacOS Information Disclosure

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-53638 - Solady Silent Failure in Proxy Initialization Vulnerability

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-53644 - OpenCV Heap Buffer Write Vulnerability

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-7747 - Tenda POST Request Handler Buffer Overflow Vulnerability

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-7748 - ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2025-7749 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Thu, 17 Jul 2025 18:15:00 GMT

CVE-2024-32323 - Cnhcit Haichang OA SQL Injection

Thu, 17 Jul 2025 17:15:00 GMT

CVE-2023-41566 - OA EKP Arbitrary Download Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2023-47356 - Mingyu Security Gateway Remote Command Execution Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-25257 - Fortinet FortiWeb SQL Injection Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-52046 - Totolink A3300R Command Injection Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-53867 - Island Lake WebBatch Remote Code Execution Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-7338 - Multer DoS Vulnerability

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-7339 - "On-Headers Header Modification Vulnerability"

Thu, 17 Jul 2025 16:15:00 GMT

CVE-2025-54066 - DiracX-Web Redirect Hijacking Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-47189 - Netwrix Directory Manager Cross-Site Scripting Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-54058 - WeGIA SQL Injection Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-54060 - WeGIA SQL Injection Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-54061 - WeGIA SQL Injection Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-54062 - WeGIA SQL Injection Vulnerability

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-54064 - Rucio Apache Access Log Credentials Exposure

Thu, 17 Jul 2025 15:15:00 GMT

CVE-2025-53928 - MaxKB Remote Command Execution

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-53941 - Hollo ActivityPub HTML Injection Vulnerability

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-53946 - WeGIA SQL Injection Vulnerability

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-1713 - Intel PCI Interrupt Remapping Deadlock Vulnerability

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-40924 - Catalyst::Plugin::Session Insecure Session ID Generation

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-51630 - TOTOLINK N350RT Buffer Overflow Vulnerability

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-53909 - Mailcow: Dockerized Server-Side Template Injection Vulnerability

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-53927 - MaxKB Directory Traversal (Command Execution)

Thu, 17 Jul 2025 14:15:00 GMT

CVE-2025-5345 - Bluebird IsdcardRemoteService Unauthenticated File Manipulation Vulnerability

Thu, 17 Jul 2025 13:15:00 GMT

CVE-2025-5346 - Bluebird Devices File Traversal Vulnerability in BootReceiver

Thu, 17 Jul 2025 13:15:00 GMT

CVE-2025-5344 - Bluebird Kiosk Remote Service Unauthenticated RCE

Thu, 17 Jul 2025 13:15:00 GMT

CVE-2025-52933 - Apache Struts XML External Entity (XXE) Injection

Thu, 17 Jul 2025 13:15:00 GMT

CVE-2025-3415 - Grafana Alerting DingDing Unauthenticated Viewer Escalation

Thu, 17 Jul 2025 11:15:00 GMT

CVE-2025-4302 - WordPress Stop User Enumeration REST API Bypass

Thu, 17 Jul 2025 08:15:00 GMT

CVE-2025-7735 - UNIMAX Hospital Information System SQL Injection

Thu, 17 Jul 2025 04:15:00 GMT

CVE-2025-7712 - The Madara WordPress Core Plugin Unvalidated File Deletion Vulnerability

Thu, 17 Jul 2025 03:15:00 GMT

CVE-2025-7728 - Scada-LTS Cross-Site Scripting Vulnerability

Thu, 17 Jul 2025 02:15:00 GMT

CVE-2025-7729 - Scada-LTS Cross-Site Scripting Vulnerability

Thu, 17 Jul 2025 02:15:00 GMT

CVE-2025-5396 - WordPress Bears Backup Plugin Remote Code Execution Vulnerability

Thu, 17 Jul 2025 02:15:00 GMT

CVE-2024-12498 - CVE-2021-42251: Apache Struts Deserialization Remote Code Execution

Wed, 16 Jul 2025 23:15:00 GMT

CVE-2025-34124 - Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34125 - D-Link Lighttpd Command Injection Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34126 - RIPS Scanner Remote File Read Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34127 - Achat UDP Stack-based Buffer Overflow

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34128 - X360 VideoPlayer Buffer Overflow Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34129 - LILIN Digital Video Recorder (DVR) Command Injection Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34130 - LILIN Digital Video Recorder (DVR) Unauthenticated Arbitrary File Read Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34132 - LILIN DVR Command Injection Vulnerability

Wed, 16 Jul 2025 22:15:00 GMT

CVE-2025-34118 - Linknat VOS Manager Path Traversal Vulnerability

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-34119 - EasyCafe Server Remote File Disclosure

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-34120 - LimeSurvey Unauthenticated File Download Vulnerability

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-34121 - Idera Up.Time PHP File Upload RCE

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-34123 - VideoCharge Studio Stack-Based Buffer Overflow Vulnerability

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-34117 - Netcore/Netis Router Remote Code Execution Backdoor Vulnerability

Wed, 16 Jul 2025 21:15:00 GMT

CVE-2025-53908 - RomM Path Traversal Vulnerability

Wed, 16 Jul 2025 20:15:00 GMT

CVE-2025-6982 - TP-Link Archer C50 Hard-coded Credentials Vulnerability

Wed, 16 Jul 2025 20:15:00 GMT

CVE-2025-6983 - TP-Link Archer C1200 Clickjacking Vulnerability

Wed, 16 Jul 2025 20:15:00 GMT

CVE-2025-40777 - BIND Named CNAME Chain Abort Vulnerability

Wed, 16 Jul 2025 18:15:00 GMT

CVE-2025-37107 - HPE AutoPass License Server APLS Authentication Bypass Vulnerability

Wed, 16 Jul 2025 18:15:00 GMT

CVE-2025-37106 - HPE AutoPass License Server Authentication Bypass Information Disclosure

Wed, 16 Jul 2025 18:15:00 GMT

CVE-2025-37105 - HPE AutoPass License Server (APLS) Remote Code Execution Vulnerability

Wed, 16 Jul 2025 18:15:00 GMT

CVE-2025-36097 - IBM WebSphere Application Server Stack-Based Overflow Denial of Service

Wed, 16 Jul 2025 18:15:00 GMT

CVE-2025-20337 - Cisco ISE/Cisco ISE-PIC Remote Code Execution Vulnerability

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-53904 - Scratch Channel Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20288 - Cisco Unified Intelligence Center SSRF Vulnerability

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20272 - Cisco Prime Infrastructure and EPNM Blind SQL Injection

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20274 - Cisco Unified Intelligence Center File Upload Privilege Escalation Vulnerability

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20283 - Cisco ISE and ISE-PIC Root Code Execution Vulnerability

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20284 - Cisco ISE/PIC Root Execution Remote Command Injection

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-20285 - Cisco ISE/IP Access Restriction API Authentication Bypass

Wed, 16 Jul 2025 17:15:00 GMT

CVE-2025-53938 - WeGIA Authentication Bypass

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53943 - VoidBot Open-Source Discord Bot Command Injection Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-7357 - LITEON IC48A/IC80A FTP Server Cleartext Credentials Storage Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53929 - WeGIA Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53930 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53931 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53932 - WeGIA Reflected Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53933 - WeGIA Stored Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53934 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53935 - WeGIA Reflected Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53936 - WeGIA Reflected Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53937 - WeGIA SQL Injection Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-46959 - Adobe Experience Manager DOM-Based Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-47053 - Adobe Experience Manager DOM-Based Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53926 - Emlog Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 16:15:00 GMT

CVE-2025-53925 - Emlog Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2025-5994 - Unbound DNS Rebirthday Attack Cache Poisoning Vulnerability

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2024-42912 - META-INF Kft. Email This Issue (Data Center) Cross-Site Scripting (XSS) Vulnerability

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2025-32353 - Kaseya Rapid Fire Tools Network Detective Unencrypted Credentials Storage Vulnerability

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2025-32874 - Kaseya Rapid Fire Tools Network Detective Cryptographic Implementation Flaw

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2025-37104 - HPE Telco Service Orchestrator SQL Injection Vulnerability

Wed, 16 Jul 2025 15:15:00 GMT

CVE-2025-53840 - Icinga DB Web Information Disclosure

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-53892 - Vue I18n DOM-based XSS Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-53923 - Emlog Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-53924 - Emlog Stored XSS Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-3871 - Fortra GoAnywhere MFT Authentication Bypass Denial of Service

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-40776 - BIND Named Cache-Poisoning Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-40913 - Net::Dropbear Integer Overflow in libtommath Library

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-40918 - Apache::Authen::SASL::Perl DIGEST_MD5 CNonce Weak Randomness Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-40919 - Apache::Authen::DigestMD5 Insecure cnonce Generation Vulnerability

Wed, 16 Jul 2025 14:15:00 GMT

CVE-2025-34300 - Sawtooth Software Lighthouse Studio Template Injection

Wed, 16 Jul 2025 13:15:00 GMT

CVE-2025-40923 - Apache Plack-Middleware-Session Insecure Session ID Generation

Wed, 16 Jul 2025 13:15:00 GMT

CVE-2025-52714 - Shinetheme Traveler SQL Injection Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52777 - Contact Form 7 Cross-site Scripting (XSS)

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52779 - Karimmughal Dot HTML/PHP/XML Cross-site Scripting (XSS)

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52786 - Kingdom Creation Media Folder Cross-site Scripting Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52787 - EZiHosting Tennis Court Bookings Cross-site Scripting (XSS)

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52803 - UXper Sala Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52804 - UXPER Nuss Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52819 - Pakkemx Pakke Envíos SQL Injection Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-52836 - Unity Business Technology Pty Ltd The E-Commerce ERP Privilege Escalation Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-53754 - Digisol Router Hard-Coded Root Access Credentials Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-53755 - Digisol DG-GR6821AC Router Unencrypted Firmware Credential Exposure

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-53756 - Digisol DG-GR6821AC Router Cleartext Credentials Exposure

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-53757 - Digisol Router HTTPOnly Flag Misconfiguration Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-53758 - Digisol DG-GR6821AC Router Default Admin Credentials Disclosure

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-48339 - Activity-log.com Profiler Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-48345 - Arisoft Contact Form 7 Editor Button Cross-site Scripting Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49031 - SMu Manual DoFollow Cross-site Scripting

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49034 - FunnelKit Funnel Builder SQL Injection

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49319 - WPFactory Wishlist for WooCommerce Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49876 - Metagauss ProfileGrid SQL Injection

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49884 - AlexVtn Internal Linking of Related Contents Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-49888 - Pimwick PW WooCommerce On Sale! Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-50028 - CodeSolz Ultimate Push Notifications Missing Authorization Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-48291 - Contest Gallery Cross-site Scripting (XSS)

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-48300 - Groundhogg Web Shell Upload Vulnerability

Wed, 16 Jul 2025 12:15:00 GMT

CVE-2025-54009 - Crocoblock JetSmartFilters Cross-site Scripting Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54010 - Shahjahan Jewel FluentSnippets CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54011 - SMTP2GO Authorization Bypass

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54013 - Welcart e-Commerce Cross-site Scripting

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54015 - HT Plugins HT Contact Form 7 PHP Remote File Inclusion Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54016 - Kyle Gilman Videopack Cross-site Scripting

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54018 - CreativeMindsSolutions CM Pop-Up banners Missing Authorization Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54020 - Erik AntiSpam for Contact Form 7 CSRF

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54022 - RelyWP Coupon Affiliates CSRF

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54023 - WP Delicious Cross-site Scripting Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54024 - Greg Winiarski WPAdverts Cross-site Scripting (XSS)

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54026 - QuanticaLabs GymBase Theme Classes SQL Injection

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54030 - WooCommerce Google Sheet Connector CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54033 - BlocksWP Theme Builder For Elementor CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54035 - Tribulant Software Newsletters CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54036 - Webba Booking CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54037 - Blazethemes News Kit Elementor Addons Missing Authorization Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54038 - MotoPress Restaurant Menu CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54039 - Toast Plugins Animator CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54041 - WooCommerce Wallet System CSRF Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54042 - Xfinitysoft WP Post Hide CSRF

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54043 - YayCommerce SMTP for Amazon SES SQL Injection

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54047 - QuanticaLabs Cost Calculator Missing Authorization Vulnerability

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54050 - CyberChimps Responsive Addons for Elementor Stored Cross-site Scripting

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-54051 - bPlugins LightBox Block Stored Cross-site Scripting

Wed, 16 Jul 2025 11:15:00 GMT

CVE-2025-22227 - Reactor Netty HTTP Client Credentials Leak

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-40724 - Pharmacy POS PHP Script Stored Cross-Site Scripting (XSS)

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-40985 - SCATI Vision Web SQL Injection

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-5284 - Elementor Addons - Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-6993 - WordPress WP Mail Privilege Escalation Vulnerability

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-7035 - WordPress Media Library Assistant Stored XSS

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-7699 - ADM EZ Sync Manager Unauthenticated File Access Vulnerability

Wed, 16 Jul 2025 10:15:00 GMT

CVE-2025-27465 - Xen Hypercall Instruction Replay Vulnerability (Arithmetic Flag Handling)

Wed, 16 Jul 2025 09:15:00 GMT

CVE-2025-7703 - Palm ID Authentication Bypass

Wed, 16 Jul 2025 09:15:00 GMT

CVE-2025-52687 - Cisco Aironet Wireless Web Interface JavaScript Injection Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-52688 - Aruba Command Injection Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-52689 - Cisco Wireless Access Point Authentication Bypass

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-52690 - Cisco Wireless Access Point Remote Command Execution Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-5843 - Brandfolder WordPress Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-5845 - WordPress Affiliate Reviews Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-6043 - WordPress Malware Removal Plugin File Deletion Arbitrary File Deletion Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-6747 - Avada Fusion Builder Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-7359 - WooCommerce Counter Live Visitors File Deletion Arbitrary Directory Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-7673 - Zyxel zhttpd Web Server Buffer Overflow Vulnerability

Wed, 16 Jul 2025 07:15:00 GMT

CVE-2025-2799 - WordPress Event Manager - Stored Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 06:15:00 GMT

CVE-2025-2800 - WordPress WP Event Manager Stored Cross-Site Scripting

Wed, 16 Jul 2025 06:15:00 GMT

CVE-2025-53842 - ZWX-2000CSW2-HN and ZWX-2000CS2-HN Hard-Coded Credentials Vulnerability

Wed, 16 Jul 2025 05:15:00 GMT

CVE-2025-6977 - ProfileGrid WordPress Reflected Cross-Site Scripting Vulnerability

Wed, 16 Jul 2025 05:15:00 GMT

CVE-2025-53952 - Apache HTTP Server Unvalidated User Input

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53953 - Apache Apache HTTP Server Authentication Bypass

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53954 - Apache HTTP Server Cross-Site Request Forgery

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53955 - Apache HTTP Server Cross-Site Request Forgery

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53956 - Apache HTTP Server Cross-Site Request Forgery

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53957 - Apache HTTP Server Cross-Site Request Forgery

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53958 - Apache HTTP Server Cross-Site Request Forgery

Wed, 16 Jul 2025 03:15:00 GMT

CVE-2025-53906 - Vim Zip File Path Traversal Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-6981 - GitHub Enterprise Server Unauthorized Read Access Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49841 - SoVITS-WebUI Unchecked Deserialization Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-53905 - Vim Tar Plugin Path Traversal Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-30761 - Oracle Java SE, Oracle GraalVM Enterprise Edition Scripting Remote Code Execution Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49831 - CyberArk Secrets Manager, Self-Hosted Man-in-the-Middle Attack

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49833 - GPT-SoVITS-WebUI Command Injection Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49834 - GPT-SoVITS-WebUI Command Injection Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49835 - GPT-SoVITS-WebUI Command Injection Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49836 - GPT-SoVITS-WebUI Command Injection Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49837 - GPT-SoVITS-WebUI Deserialization Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49838 - GPT-SoVITS-WebUI Deserialize Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49839 - GPT-SoVITS-WebUI Unvalidated Model Deserialization Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-49840 - GPT-SoVITS-WebUI Deserialization Vulnerability

Tue, 15 Jul 2025 21:15:00 GMT

CVE-2025-53031 - Oracle Financial Services Analytical Applications Infrastructure HTTP Unauthenticated Confidentiality Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53032 - Oracle MySQL Server Optimizer DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53029 - Oracle VirtualBox Core Confidential Data Disclosure

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53030 - Oracle VirtualBox Core Privilege Escalation Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50108 - Oracle Hyperion Financial Reporting Workspace HTTP Unauthorized Access and Data Modification

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53023 - Oracle MySQL Server Replication High Privilege DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53024 - Oracle Virtualization VirtualBox Core High Privilege Takeover Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53025 - Oracle VirtualBox Core Privilege Escalation Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53026 - Oracle VirtualBox Core Unauthorized Access Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53027 - Oracle Virtualization VirtualBox Core Virtual Takeover

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-53028 - Oracle VirtualBox Core Remote Takeover Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50094 - Oracle MySQL Server DDL High Privilege DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50095 - Oracle MySQL Server Optimizer DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50096 - Oracle MySQL MySQL Server InnoDB DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50097 - Oracle MySQL MySQL Server High Privilege DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50098 - Oracle MySQL Server Optimizer Partial Denial of Service Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50099 - Oracle MySQL InnoDB High Privilege DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50100 - Oracle MySQL MySQL Server Partial Denial of Service Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50101 - Oracle MySQL Server Optimizer Denial of Service Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50102 - Oracle MySQL MySQL Server High Privilege DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50103 - Oracle MySQL MySQL Server LDAP Auth Remote DOS Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50104 - Oracle MySQL MySQL Server Partial Denial of Service Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50105 - Oracle Universal Work Queue HTTP Unauthorized Access and Data Manipulation

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50106 - Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition 2D Remote Takeover Vulnerability

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-50107 - Oracle Universal Work Queue HTTP Request Handling Remote Code Execution

Tue, 15 Jul 2025 20:15:00 GMT

CVE-2025-41236 - VMware ESXi, Workstation, and Fusion VMXNET3 Integer Overflow Remote Code Execution

Tue, 15 Jul 2025 19:15:00 GMT

CVE-2025-41237 - VMware ESXi, Workstation, and Fusion VMCI Integer Underflow Privilege Escalation Vulnerability

Tue, 15 Jul 2025 19:15:00 GMT

CVE-2025-41238 - VMware ESXi, Workstation, and Fusion PVSCSI Heap-Overflow Privilege Escalation Vulnerability

Tue, 15 Jul 2025 19:15:00 GMT

CVE-2025-41239 - VMware ESXi, Workstation, Fusion vSockets Uninitialised Memory Information Disclosure

Tue, 15 Jul 2025 19:15:00 GMT

CVE-2025-53903 - Scratch Channel Cross-Site Scripting (XSS) Vulnerability

Tue, 15 Jul 2025 19:15:00 GMT

CVE-2025-53826 - Apache File Browser JWT Token Authentication Bypass

Tue, 15 Jul 2025 18:15:00 GMT

CVE-2025-53893 - Apache File Browser Denial of Service Vulnerability

Tue, 15 Jul 2025 18:15:00 GMT

CVE-2025-6558 - Google Chrome ANGLE GPU Sandbox Escape Vulnerability

Tue, 15 Jul 2025 18:15:00 GMT

CVE-2025-7656 - Google Chrome V8 Integer Overflow Heap Corruption

Tue, 15 Jul 2025 18:15:00 GMT

CVE-2025-7657 - Google Chrome WebRTC Use-After-Free Vulnerability

Tue, 15 Jul 2025 18:15:00 GMT

CVE-2025-26186 - openSIS SQL Injection Vulnerability

Tue, 15 Jul 2025 17:15:00 GMT

CVE-2025-53895 - ZITADEL Session Hijacking Vulnerability

Tue, 15 Jul 2025 17:15:00 GMT

CVE-2025-53959 - JetBrains YouTrack Email Spoofing Vulnerability

Tue, 15 Jul 2025 17:15:00 GMT

CVE-2024-42650 - NanoMQ Denial of Service (DoS) Vulnerability

Tue, 15 Jul 2025 16:15:00 GMT

CVE-2025-50819 - Beiyuouo Arxiv-Daily Path Traversal Vulnerability

Tue, 15 Jul 2025 16:15:00 GMT

CVE-2025-52080 - Netgear XR300 HTTPD Service Stack-Based Buffer Overflow

Tue, 15 Jul 2025 16:15:00 GMT

CVE-2025-52081 - Netgear XR300 Stack-Based Buffer Overflow Vulnerability

Tue, 15 Jul 2025 16:15:00 GMT

CVE-2025-52082 - Netgear XR300 HTTPD Service Stack-Based Buffer Overflow

Tue, 15 Jul 2025 16:15:00 GMT

CVE-2025-33097 - IBM QRadar SIEM Cross-Site Scripting Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-48795 - Apache CXF Unencrypted Temporary File Log Exposure Denial of Service

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-52377 - Nexxt Solutions NCM-X1800 Mesh Router Command Injection Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-52378 - Nexxt Solutions NCM-X1800 Mesh Router Cross-Site Scripting (XSS)

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-52379 - Nexxt Solutions NCM-X1800 Mesh Router Remote Command Injection Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-53621 - DSpace XXE Injection Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-53622 - DSpace Tomcat Path Traversal Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-6971 - SOLIDWORKS eDrawings After Free Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-6972 - SOLIDWORKS eDrawings After Free Code Execution Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-6973 - SOLIDWORKS eDrawings JT File After Free Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-6974 - SOLIDWORKS eDrawings Uninitialized Variable Code Execution Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-7042 - SOLIDWORKS eDrawings After Free Code Execution Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-0831 - SOLIDWORKS eDrawings JT File Out-Of-Bounds Read Arbitrary Code Execution

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-30483 - Dell ECS Insertion of Sensitive Information into Log File Vulnerability

Tue, 15 Jul 2025 15:15:00 GMT

CVE-2025-52376 - Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

Tue, 15 Jul 2025 14:15:00 GMT

CVE-2025-6965 - SQLite Aggregate Overflow

Tue, 15 Jul 2025 14:15:00 GMT

CVE-2025-34112 - Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34113 - Tiki Wiki CMS Command Injection Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34115 - OP5 Monitor Command Injection Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34116 - IPFire Command Injection Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34107 - WinaXe FTP Client Buffer Overflow

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34108 - Disk Pulse Enterprise Stack-Based Buffer Overflow Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34109 - Panda Security DLL Injection Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34110 - ColoradoFTP Server Directory Traversal Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34111 - Tiki Wiki CMS Groupware ELFinder PHP File Upload Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34068 - Samsung WLAN AP WEA453e Unauthenticated Remote Command Execution Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34103 - WePresent WiPG-1000 Command Injection Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34104 - Piwik (Matomo) Remote Code Execution Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34105 - DiskBoss Enterprise HTTP GET Stack-Based Buffer Overflow

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-34106 - Adobe PDF Shaper Buffer Overflow Vulnerability

Tue, 15 Jul 2025 13:15:00 GMT

CVE-2025-7667 - WordPress Restrict File Access CSRF Vulnerability

Tue, 15 Jul 2025 12:15:00 GMT

CVE-2025-4369 - WordPress Companion Auto Update Stored Cross-Site Scripting

Tue, 15 Jul 2025 10:15:00 GMT

CVE-2025-24477 - Fortinet FortiOS Heap-Based Buffer Overflow Privilege Escalation

Tue, 15 Jul 2025 09:15:00 GMT

CVE-2025-3621 - ProTNS ActADUR Remote Code Inclusion and Command Injection

Tue, 15 Jul 2025 08:15:00 GMT

CVE-2025-7672 - JiranSoft CrossEditor4 Stored XSS Vulnerability

Tue, 15 Jul 2025 08:15:00 GMT

CVE-2025-7340 - Elementor HT Contact Form Widget File Upload Vulnerability

Tue, 15 Jul 2025 05:15:00 GMT

CVE-2025-7341 - Elementor Page Builder Gutenberg Blocks Form Builder File Deletion Vulnerability

Tue, 15 Jul 2025 05:15:00 GMT

CVE-2025-7360 - Elementor Page Builder Gutenberg Blocks Form Builder HT Contact Form Widget File Moving Vulnerability

Tue, 15 Jul 2025 05:15:00 GMT

CVE-2025-7367 - WordPress Strong Testimonials Stored Cross-Site Scripting

Tue, 15 Jul 2025 05:15:00 GMT

CVE-2025-5393 - WordPress Alone Charity Multipurpose Non-profit Theme Arbitrary File Deletion Vulnerability

Tue, 15 Jul 2025 04:15:00 GMT

CVE-2025-5394 - Alone – Charity Multipurpose Non-profit WordPress Theme Unauthenticated Arbitrary File Upload Vulnerability

Tue, 15 Jul 2025 04:15:00 GMT

CVE-2025-6265 - Zyxel NWA50AX PRO Path Traversal Vulnerability

Tue, 15 Jul 2025 02:15:00 GMT

CVE-2025-53836 - XWiki Rendering Macro Execution Bypass

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53839 - DRACOON Branding Service Cross-Site Scripting Vulnerability

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53885 - Directus Console Log Data Exposure Vulnerability

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53886 - Directus Session Hijacking Vulnerability

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53887 - Directus OpenAPI Spec Version Disclosure

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53889 - Directus Unauthenticated Flow Trigger Vulnerability

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53890 - Pyload CAPTCHA JavaScript Evaluation Remote Code Execution

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53891 - Apache Time-Line File Upload Vulnerability (Remote File Inclusion/DoS)

Tue, 15 Jul 2025 00:15:00 GMT

CVE-2025-53824 - WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53825 - Dokploy Unauthenticated Code Execution and Secret Disclosure Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53833 - "LaRecipe Server-Side Template Injection Vulnerability"

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53834 - Caido Toast UI Component Reflected Cross-Site Scripting (XSS) Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53835 - XWiki Rendering Cross-Site Scripting Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53823 - WeGIA SQL Injection Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53821 - WeGIA Open Redirect Vulnerability

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53822 - WeGIA Reflected Cross-Site Scripting (XSS)

Mon, 14 Jul 2025 23:15:00 GMT

CVE-2025-53819 - Nix Privilege Escalation Vulnerability

Mon, 14 Jul 2025 21:15:00 GMT

CVE-2025-53820 - WeGIA Reflected Cross-Site Scripting (XSS)

Mon, 14 Jul 2025 21:15:00 GMT

CVE-2025-53640 - Indico Information Disclosure Vulnerability

Mon, 14 Jul 2025 21:15:00 GMT

CVE-2025-53643 - AIOHTTP Request Smuggling Vulnerability

Mon, 14 Jul 2025 21:15:00 GMT

CVE-2025-53818 - GitHub Kanban MCP Server Command Injection Vulnerability

Mon, 14 Jul 2025 21:15:00 GMT

CVE-2025-53639 - MeterSphere SQL Injection Vulnerability

Mon, 14 Jul 2025 20:15:00 GMT

CVE-2025-53101 - ImageMagick Stack Overflow

Mon, 14 Jul 2025 20:15:00 GMT

CVE-2025-53623 - ActiveJob Job Iteration API Remote Code Execution Vulnerability

Mon, 14 Jul 2025 20:15:00 GMT

CVE-2025-53019 - ImageMagick Memory Leak

Mon, 14 Jul 2025 20:15:00 GMT

CVE-2025-53015 - ImageMagick XMP File Conversion Infinite Lines Vulnerability

Mon, 14 Jul 2025 20:15:00 GMT

CVE-2025-52363 - Tenda CP3 Pro Root Password Hash Hardcoded Vulnerability

Mon, 14 Jul 2025 18:15:00 GMT

CVE-2025-53014 - ImageMagick Heap Buffer Overflow Vulnerability

Mon, 14 Jul 2025 18:15:00 GMT

CVE-2025-7627 - YiJiuSmile kkFileViewOfficeEdit Unrestricted File Upload Vulnerability

Mon, 14 Jul 2025 18:15:00 GMT

CVE-2025-7628 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

Mon, 14 Jul 2025 18:15:00 GMT

CVE-2025-51652 - SemCms SQL Injection Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51653 - SemCms SQL Injection Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51654 - SemCms SQL Injection Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51655 - SemCms v5.0 was discovered to contain a SQL inject

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51656 - SemCms SQL Injection

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51657 - SemCms SQL Injection

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51658 - SemCms SQL Injection Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51659 - SemCms SQL Injection Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51660 - SemCms SQL Injection

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-7625 - YiJiuSmile kkFileViewOfficeEdit Remote Path Traversal Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-7626 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2024-42646 - NanoMQ Denial of Service (DoS) Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2024-42648 - NanoMQ MQTT Heap Overflow Denial of Service

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2024-42649 - NanoMQ Memory Leak Denial of Service Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51650 - FoxCMS Remote Code Execution (RCE)

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-51651 - Mccms File Download Vulnerability

Mon, 14 Jul 2025 17:15:00 GMT

CVE-2025-7615 - TOTOLINK T6 Command Injection Vulnerability

Mon, 14 Jul 2025 16:15:00 GMT

CVE-2025-7616 - Snap7 gmg137 Pthread Conditional Destroy Memory Corruption Vulnerability

Mon, 14 Jul 2025 16:15:00 GMT

CVE-2025-7612 - "Code-projects Mobile Shop SQL Injection Vulnerability"

Mon, 14 Jul 2025 15:15:00 GMT

CVE-2025-7613 - TOTOLINK T6 Command Injection Vulnerability in CloudSrvVersionCheck

Mon, 14 Jul 2025 15:15:00 GMT

CVE-2025-7614 - TOTOLINK T6 Command Injection Vulnerability

Mon, 14 Jul 2025 15:15:00 GMT

CVE-2025-50756 - Wavlink WN535K3 Command Injection Vulnerability

Mon, 14 Jul 2025 15:15:00 GMT

CVE-2025-7611 - "Code-Projects Wedding Reservation SQL Injection"

Mon, 14 Jul 2025 15:15:00 GMT

CVE-2025-7609 - "Code-projects Simple Shopping Cart SQL Injection Vulnerability"

Mon, 14 Jul 2025 14:15:00 GMT

CVE-2025-7610 - Apache Code-projects Electricity Billing System SQL Injection Vulnerability

Mon, 14 Jul 2025 14:15:00 GMT

CVE-2025-7519 - Polkit XML Policy Parsing Out-of-Bounds Write Vulnerability

Mon, 14 Jul 2025 14:15:00 GMT

CVE-2025-7607 - Apache Simple Shopping Cart SQL Injection Vulnerability

Mon, 14 Jul 2025 14:15:00 GMT

CVE-2025-7608 - Apache Code-projects Simple Shopping Cart SQL Injection Vulnerability

Mon, 14 Jul 2025 14:15:00 GMT

CVE-2025-27582 - One Identity Password Manager Local Privilege Escalation Vulnerability

Mon, 14 Jul 2025 13:15:00 GMT

CVE-2025-7603 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow Vulnerability

Mon, 14 Jul 2025 13:15:00 GMT

CVE-2025-7604 - PHPGurukul Hospital Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 13:15:00 GMT

CVE-2025-7605 - AVL Rooms SQL Injection Vulnerability

Mon, 14 Jul 2025 13:15:00 GMT

CVE-2025-7606 - AVL Rooms SQL Injection Vulnerability

Mon, 14 Jul 2025 13:15:00 GMT

CVE-2025-7599 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 12:15:00 GMT

CVE-2025-7600 - PHPGurukul Online Library Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 12:15:00 GMT

CVE-2025-7601 - PHPGurukul Online Library Management System Cross Site Scripting Vulnerability

Mon, 14 Jul 2025 12:15:00 GMT

CVE-2025-7602 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow

Mon, 14 Jul 2025 12:15:00 GMT

CVE-2025-7596 - Tenda FH1205 Stack-Based Buffer Overflow Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2025-7597 - Tenda AX1803 Stack-Based Buffer Overflow

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2025-7598 - Tenda AX1803 Stack-Based Buffer Overflow Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2025-7618 - "ADM File Explorer and Text Editor Stored XSS"

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2024-51770 - HPE AutoPass License Server Information Disclosure Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2025-7595 - "Job Diary SQL Injection Vulnerability"

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2024-51767 - HPE AutoPass License Server Authentication Bypass Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2024-51768 - HPE AutoPass License Server HSQLDB Remote Code Execution Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2024-51769 - HPE AutoPass License Server (APLS) Information Disclosure Vulnerability

Mon, 14 Jul 2025 11:15:00 GMT

CVE-2025-7593 - Job Diary SQL Injection Vulnerability

Mon, 14 Jul 2025 10:15:00 GMT

CVE-2025-7594 - Job Diary SQL Injection Vulnerability

Mon, 14 Jul 2025 10:15:00 GMT

CVE-2024-26293 - Avid Nexis gSOAP Unauthenticated Path Traversal Vulnerability

Mon, 14 Jul 2025 10:15:00 GMT

CVE-2025-53689 - Apache Jackrabbit XXE Injection Vulnerability

Mon, 14 Jul 2025 10:15:00 GMT

CVE-2025-7592 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 10:15:00 GMT

CVE-2024-26292 - Avid NEXIS E-series, F-series, PRO+, SDA+: Authenticated Arbitrary File Deletion Vulnerability

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-24391 - OTRS Information Disclosure

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7587 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7588 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7589 - PHPGurukul Dairy Farm Shop Management System SQL Injection

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7590 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7591 - PHPGurukul Dairy Farm Shop Management System SQL Injection

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2024-26291 - Avid NEXIS Unauthenticated Arbitrary File Read Vulnerability

Mon, 14 Jul 2025 09:15:00 GMT

CVE-2025-7584 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 08:15:00 GMT

CVE-2025-7585 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 08:15:00 GMT

CVE-2025-7586 - Tenda AC500 Stack-Based Buffer Overflow Vulnerability

Mon, 14 Jul 2025 08:15:00 GMT

CVE-2025-7583 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 08:15:00 GMT

CVE-2025-7579 - Chinese-Poetry Regular Expression Denial of Service (DoS)

Mon, 14 Jul 2025 07:15:00 GMT

CVE-2025-7580 - Code-projects Voting System SQL Injection

Mon, 14 Jul 2025 07:15:00 GMT

CVE-2025-7581 - Code-Projects Voting System SQL Injection Vulnerability

Mon, 14 Jul 2025 07:15:00 GMT

CVE-2025-7582 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 07:15:00 GMT

CVE-2025-7575 - Zavy86 WikiDocs Remote Path Traversal Vulnerability

Mon, 14 Jul 2025 06:15:00 GMT

CVE-2025-7576 - Teledyne FLIR FB-Series and FH-Series Remote File Access Control Bypass Vulnerability

Mon, 14 Jul 2025 06:15:00 GMT

CVE-2025-7577 - Teledyne FLIR FB-Series/FLIR FH-Series Remote Hard-Coded Password Vulnerability

Mon, 14 Jul 2025 06:15:00 GMT

CVE-2025-7578 - Teledyne FLIR FB-Series and FH-Series Command Injection Vulnerability

Mon, 14 Jul 2025 06:15:00 GMT

CVE-2025-7380 - "ADM Stored Cross-Site Scripting Vulnerability"

Mon, 14 Jul 2025 06:15:00 GMT

CVE-2025-29606 - Libp2p RSA Key DoS

Mon, 14 Jul 2025 05:15:00 GMT

CVE-2025-7571 - UTT HiPER 840G Buffer Overflow Vulnerability

Mon, 14 Jul 2025 05:15:00 GMT

CVE-2025-7572 - LB-LINK Lighttpd CGI Information Disclosure

Mon, 14 Jul 2025 05:15:00 GMT

CVE-2025-7573 - "LB-LINK Lighttpd Cgi- Bin Information Disclosure Vulnerability"

Mon, 14 Jul 2025 05:15:00 GMT

CVE-2025-7574 - LB-LINK Web Interface Improper Authentication Vulnerability

Mon, 14 Jul 2025 05:15:00 GMT

CVE-2025-7566 - jshERP Path Traversal Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7567 - ShopXO Cross-Site Scripting Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7568 - FoxCMS SQL Injection Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7569 - Bigotry OneBase Cross-Site Scripting Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7570 - UTT HiPER 840G Remote Buffer Overflow Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7619 - WellChoose BatchSignCS Arbitrary File Write Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7620 - Digitware System Integration Corporation Cross-Browser Document Creation Remote Code Execution

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7565 - LB-LINK BL-AC3600 Web Management Interface Information Disclosure Vulnerability

Mon, 14 Jul 2025 04:15:00 GMT

CVE-2025-7451 - iSherlock OS Command Injection Vulnerability

Mon, 14 Jul 2025 03:15:00 GMT

CVE-2025-7562 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 03:15:00 GMT

CVE-2025-7563 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 03:15:00 GMT

CVE-2025-7564 - LB-LINK BL-AC3600 Hard-Coded Credentials Vulnerability

Mon, 14 Jul 2025 03:15:00 GMT

CVE-2025-7559 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 02:15:00 GMT

CVE-2025-7560 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 02:15:00 GMT

CVE-2025-7561 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

Mon, 14 Jul 2025 02:15:00 GMT

CVE-2025-25180 - Apache GPU Driver GPU Escalation of Privilege

Mon, 14 Jul 2025 02:15:00 GMT

CVE-2025-7555 - "Code-projects Voting System SQL Injection Vulnerability"

Mon, 14 Jul 2025 01:15:00 GMT

CVE-2025-7556 - Code-projects Voting System SQL Injection Vulnerability

Mon, 14 Jul 2025 01:15:00 GMT

CVE-2025-7557 - "Code-projects Voting System SQL Injection Vulnerability"

Mon, 14 Jul 2025 01:15:00 GMT

CVE-2025-7558 - "Code-projects Voting System SQL Injection Vulnerability"

Mon, 14 Jul 2025 01:15:00 GMT

CVE-2025-7554 - Sapido RB-1802 Cross-Site Scripting Vulnerability

Mon, 14 Jul 2025 01:15:00 GMT

CVE-2025-1384 - Omron NJ/NX-series Least Privilege Violation Remote Code Execution

Mon, 14 Jul 2025 00:15:00 GMT

CVE-2025-7551 - Tenda FH1201 PPTPDClient Stack-Based Buffer Overflow Vulnerability

Mon, 14 Jul 2025 00:15:00 GMT

CVE-2025-7552 - Dromara Northstar Remote Path Traversal Vulnerability

Mon, 14 Jul 2025 00:15:00 GMT

CVE-2025-7553 - D-Link DIR-818LW Remote OS Command Injection Vulnerability

Mon, 14 Jul 2025 00:15:00 GMT

CVE-2025-1220 - Apache PHP Null Character Injection Vulnerability

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-1735 - Apache PHP PostgreSQL Unchecked Quoting Function Error

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-7547 - Campcodes Online Movie Theater Seat Reservation System Unrestricted File Upload Vulnerability

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-7548 - Tenda FH1201 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-7549 - Tenda FH1201 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-7550 - Tenda FH1201 Buffer Overflow Vulnerability

Sun, 13 Jul 2025 23:15:00 GMT

CVE-2025-7545 - "GNU Binutils Heap-Based Buffer Overflow"

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2025-7546 - GNU Binutils Out-of-Bounds Write Vulnerability

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2024-58258 - SugarCRM SSRF Vulnerability

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2025-6491 - Apache PHP SOAP XML Namespace Prefix Overflow Vulnerability

2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server. Severity: 5.9 | MEDIUM

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2025-7543 - PHPGurukul User Registration Login and User Management System SQL Injection Vulnerability

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2025-7544 - Tenda AC1206 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 22:15:00 GMT

CVE-2025-7541 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 21:15:00 GMT

CVE-2025-7542 - PHPGurukul User Registration Login and User Management System SQL Injection Vulnerability

Sun, 13 Jul 2025 21:15:00 GMT

CVE-2025-53865 - Roundup Cross-Site Scripting Vulnerability

Sun, 13 Jul 2025 20:15:00 GMT

CVE-2025-7539 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 20:15:00 GMT

CVE-2025-7540 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 20:15:00 GMT

CVE-2025-7537 - Campcodes Sales and Inventory System SQL Injection Vulnerability

Sun, 13 Jul 2025 19:15:00 GMT

CVE-2025-7538 - Campcodes Sales and Inventory System File Upload Vulnerability

Sun, 13 Jul 2025 19:15:00 GMT

CVE-2025-7535 - Campcodes Sales and Inventory System SQL Injection Vulnerability

Sun, 13 Jul 2025 18:15:00 GMT

CVE-2025-7536 - Campcodes Sales and Inventory System SQL Injection Vulnerability

Sun, 13 Jul 2025 18:15:00 GMT

CVE-2025-7533 - "Code-projects Job Diary SQL Injection"

Sun, 13 Jul 2025 17:15:00 GMT

CVE-2025-7534 - "PHPGurukul Student Result Management System SQL Injection Vulnerability"

Sun, 13 Jul 2025 17:15:00 GMT

CVE-2025-7531 - Tenda FH1202 PPTP Remote Stack Buffer Overflow Vulnerability

Sun, 13 Jul 2025 16:15:00 GMT

CVE-2025-7532 - Tenda FH1202 Critical Stack-Based Buffer Overflow

Sun, 13 Jul 2025 16:15:00 GMT

CVE-2025-7530 - Tenda PPTPDClient Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 15:15:00 GMT

CVE-2025-7528 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 12:15:00 GMT

CVE-2025-7529 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 12:15:00 GMT

CVE-2025-7527 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

Sun, 13 Jul 2025 11:15:00 GMT

CVE-2025-7525 - TOTOLINK T6 HTTP POST Request Handler Command Injection Vulnerability

Sun, 13 Jul 2025 10:15:00 GMT

CVE-2025-7524 - "TOTOLINK T6 HTTP POST Request Handler Command Injection Vulnerability"

Sun, 13 Jul 2025 09:15:00 GMT

CVE-2025-7012 - Cato Networks CatoClient Local Privilege Escalation Vulnerability

Sun, 13 Jul 2025 08:15:00 GMT

CVE-2025-7522 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sun, 13 Jul 2025 07:15:00 GMT

CVE-2025-7523 - Jinher OA XXE Vulnerability

Sun, 13 Jul 2025 07:15:00 GMT

CVE-2025-7521 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sun, 13 Jul 2025 06:15:00 GMT

CVE-2025-7517 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 05:15:00 GMT

CVE-2025-7520 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sun, 13 Jul 2025 05:15:00 GMT

CVE-2025-7515 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 04:15:00 GMT

CVE-2025-7516 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

Sun, 13 Jul 2025 04:15:00 GMT

CVE-2025-7514 - Modern Bag SQL Injection Vulnerability

Sun, 13 Jul 2025 04:15:00 GMT

CVE-2025-7512 - "Modern Bag SQL Injection Vulnerability"

Sun, 13 Jul 2025 03:15:00 GMT

CVE-2025-7513 - "Modern Bag SQL Injection Vulnerability"

Sun, 13 Jul 2025 03:15:00 GMT

CVE-2025-7511 - Code-projects Chat System SQL Injection Vulnerability

Sun, 13 Jul 2025 02:15:00 GMT

CVE-2025-7510 - Code-projects Modern Bag SQL Injection Vulnerability

Sun, 13 Jul 2025 01:15:00 GMT

CVE-2025-7509 - "Modern Bag SQL Injection Vulnerability"

Sun, 13 Jul 2025 01:15:00 GMT

CVE-2025-7508 - Modern Bag SQL Injection Vulnerability

Sun, 13 Jul 2025 00:15:00 GMT

CVE-2025-7505 - Tenda FH451 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

Sat, 12 Jul 2025 23:15:00 GMT

CVE-2025-7506 - Tenda FH451 HTTP POST Request Handler Stack-Based Buffer Overflow

Sat, 12 Jul 2025 23:15:00 GMT

CVE-2025-7492 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 22:15:00 GMT

CVE-2025-7491 - PHPGurukul Vehicle Parking Management System SQL Injection

Sat, 12 Jul 2025 21:15:00 GMT

CVE-2025-7490 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 21:15:00 GMT

CVE-2025-7488 - JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

Sat, 12 Jul 2025 20:15:00 GMT

CVE-2025-7489 - "PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability"

Sat, 12 Jul 2025 20:15:00 GMT

CVE-2025-7485 - Open5GS Reachable Assertion Vulnerability

Sat, 12 Jul 2025 19:15:00 GMT

CVE-2025-7487 - JoeyBling SpringBoot_MyBatisPlus Unrestricted File Upload Vulnerability

Sat, 12 Jul 2025 19:15:00 GMT

CVE-2025-7484 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 18:15:00 GMT

CVE-2025-7483 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 18:15:00 GMT

CVE-2025-7481 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 17:15:00 GMT

CVE-2025-7482 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Sat, 12 Jul 2025 17:15:00 GMT

CVE-2024-41169 - Apache Zeppelin Raft Server Protocol Unauthenticated Directory Disclosure

Sat, 12 Jul 2025 17:15:00 GMT

CVE-2025-7479 - PHPGurukul Vehicle Parking Management System SQL Injection

Sat, 12 Jul 2025 16:15:00 GMT

CVE-2025-7480 - PHPGurukul Vehicle Parking Management System SQL Injection

Sat, 12 Jul 2025 16:15:00 GMT

CVE-2025-7477 - Apache Simple Car Rental System Unrestricted File Upload Vulnerability

Sat, 12 Jul 2025 15:15:00 GMT

CVE-2025-7478 - Apache Code-Projects Modern Bag SQL Injection Vulnerability

Sat, 12 Jul 2025 15:15:00 GMT

CVE-2025-7476 - Simple Car Rental System SQL Injection Vulnerability

Sat, 12 Jul 2025 14:15:00 GMT

CVE-2025-7475 - Simple Car Rental System SQL Injection Vulnerability

Sat, 12 Jul 2025 13:15:00 GMT

CVE-2025-7471 - Modern Bag SQL Injection Vulnerability

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2025-7474 - Job Diary SQL Injection Vulnerability

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2020-36849 - WordPress AIT CSV Import/Export Plugin Arbitrary File Upload Vulnerability

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2021-4458 - WordPress Modern Events Calendar Lite SQL Injection

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2025-36104 - IBM Storage Scale Information Disclosure

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2020-36848 - BoldGrid WordPress Backup Plugin Sensitive Information Exposure

Sat, 12 Jul 2025 12:15:00 GMT

CVE-2025-7469 - Campcodes Sales and Inventory System SQL Injection Vulnerability

Sat, 12 Jul 2025 11:15:00 GMT

CVE-2025-7470 - Campcodes Sales and Inventory System Remote File Upload Vulnerability

Sat, 12 Jul 2025 11:15:00 GMT

CVE-2020-36847 - WordPress Simple-File-List Remote Code Execution Vulnerability

Sat, 12 Jul 2025 10:15:00 GMT

CVE-2025-7518 - RSFirewall! WordPress Path Traversal Vulnerability

Sat, 12 Jul 2025 10:15:00 GMT

CVE-2025-7468 - "Tenda FH1201 HTTP POST Request Handler Buffer Overflow"

Sat, 12 Jul 2025 09:15:00 GMT

CVE-2025-7504 - WordPress Friends Plugin PHP Object Injection Vulnerability

Sat, 12 Jul 2025 09:15:00 GMT

CVE-2025-7467 - "Modern Bag SQL Injection Vulnerability"

Sat, 12 Jul 2025 09:15:00 GMT

CVE-2025-6423 - BeeTeam368 Extensions WordPress Arbitrary File Upload Vulnerability

Sat, 12 Jul 2025 08:15:00 GMT

CVE-2025-7466 - ABC Courier Management SQL Injection Vulnerability

Sat, 12 Jul 2025 08:15:00 GMT

CVE-2025-7465 - Tenda FH1201 HTTP POST Request Handler Buffer Overflow

Sat, 12 Jul 2025 07:15:00 GMT

CVE-2025-7464 - GoBGP Out-of-Bounds Read Vulnerability

Sat, 12 Jul 2025 07:15:00 GMT

CVE-2025-1313 - Nokri - Job Board WordPress Theme Privilege Escalation Vulnerability

Sat, 12 Jul 2025 06:15:00 GMT

CVE-2025-7462 - Artifex GhostPDL Remote Null Pointer Dereference Vulnerability

Sat, 12 Jul 2025 06:15:00 GMT

CVE-2025-7463 - Tenda FH1201 HTTP POST Request Handler Buffer Overflow Vulnerability

Sat, 12 Jul 2025 06:15:00 GMT

CVE-2025-7461 - Apache Modern Bag SQL Injection Vulnerability

Sat, 12 Jul 2025 05:15:00 GMT

CVE-2025-6057 - WordPress WPBookit Arbitrary File Upload Vulnerability

Sat, 12 Jul 2025 05:15:00 GMT

CVE-2025-6058 - WordPress WPBookit Arbitrary File Upload Vulnerability

Sat, 12 Jul 2025 05:15:00 GMT

CVE-2025-24294 - Apache Resolv DNS Denial of Service Vulnerability

Sat, 12 Jul 2025 04:15:00 GMT

CVE-2024-38648 - Ivanti DSM Decryption Secret Disclosure

Sat, 12 Jul 2025 04:15:00 GMT

CVE-2023-38036 - Ivanti Avalanche Manager Buffer Overflow Vulnerability

Sat, 12 Jul 2025 04:15:00 GMT

CVE-2023-39338 - Apache Sentry Unauthorized Service Access

Sat, 12 Jul 2025 04:15:00 GMT

CVE-2023-39339 - Ivanti Policy Secure Arbitrary File Read Vulnerability

Sat, 12 Jul 2025 04:15:00 GMT

CVE-2025-53877 - Apache Struts Command Injection

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53878 - Apache HTTP Server Denial of Service

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53879 - Apache Struts Deserialization Vulnerability

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53875 - Apache HTTP Server Cross-Site Request Forgery

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53876 - Apache HTTP Server Authentication Bypass

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53873 - Apache HTTP Server Unvalidated User Input

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53874 - Apache HTTP Server Authentication Bypass

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53871 - Apache HTTP Server Remote Command Execution

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-53872 - Cisco WebEx Meeting Center Unvalidated Redirect

Sat, 12 Jul 2025 03:15:00 GMT

CVE-2025-5199 - Canonical Multipass Privilege Escalation Vulnerability

Sat, 12 Jul 2025 00:15:00 GMT

CVE-2025-53636 - Open OnDemand Shell App Log Flood Denial of Service Vulnerability

Fri, 11 Jul 2025 22:15:00 GMT

CVE-2025-7460 - TOTOLINK T6 HTTP POST Request Handler Buffer Overflow Vulnerability

Fri, 11 Jul 2025 22:15:00 GMT

CVE-2025-7457 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

Fri, 11 Jul 2025 21:15:00 GMT

CVE-2025-7459 - Code-projects Mobile Shop SQL Injection Vulnerability

Fri, 11 Jul 2025 21:15:00 GMT

CVE-2025-7455 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

Fri, 11 Jul 2025 20:15:00 GMT

CVE-2025-7456 - Campcodes Online Movie Theater Seat Reservation System SQL Injection

Fri, 11 Jul 2025 20:15:00 GMT

CVE-2025-7503 - "Shenzhen Liandian Communication Technology LTD OEM IP Camera Telnet Default Credentials Remote Code Execution"

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2025-3631 - IBM MQ SIGSEGV in AMQRMPPA Channel Process

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2025-7453 - "Saltbo Zpan JSON Web Token Handler Hard-Coded Password Vulnerability"

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2025-7454 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2013-3307 - Linksys E1000/E1200/E3200 OS Command Injection

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2025-30403 - Mvfst QUIC Heap Buffer Overflow

Fri, 11 Jul 2025 19:15:00 GMT

CVE-2025-53641 - Postiz SSRF Vulnerability

Fri, 11 Jul 2025 18:15:00 GMT

CVE-2025-53642 - HAXcms Nodejs/PHP Session Invalidation and Refresh Token Vulnerability

Fri, 11 Jul 2025 18:15:00 GMT

CVE-2025-7452 - Kone-Net Go-Chat Path Traversal Vulnerability

Fri, 11 Jul 2025 18:15:00 GMT

CVE-2025-30402 - Apache ExecuTorch Heap Buffer Overflow Vulnerability

Fri, 11 Jul 2025 18:15:00 GMT

CVE-2024-47065 - Meshtastic Traceroute Rate Limiting Vulnerability

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-43856 - Immich OAuth2 CSRF Account Hijacking Vulnerability

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-45582 - Apache GNU Tar Directory Traversal Overwrite Vulnerability

../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). Severity: 4.1 | MEDIUM

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-47182 - Microsoft Edge (Chromium-based) Bypass Security Feature Vulnerability

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-47963 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-47964 - Microsoft Edge (Chromium-based) URI Spoofing

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-7450 - Letseeqiji Gorobbs API Path Traversal Vulnerability

Fri, 11 Jul 2025 17:15:00 GMT

CVE-2025-7029 - Intel Software SMI Handler Buffer Overflow Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-7026 - Intel Software SMI Handler Local Privilege Escalation Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-7027 - ASUS Firmware SMM Privilege Escalation Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-7028 - Apache Software SMI Handler Pointer Dereference Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52986 - Juniper Networks Junos OS and Junos OS Evolved RPD Memory Leak Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52988 - Juniper Networks Junos OS and Junos OS Evolved OS Command Injection

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52989 - Juniper Networks Junos OS and Junos OS Evolved Delimiter Injection Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-6549 - Juniper Networks Junos OS SRX Series Incorrect Authorization Web Access Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52980 - Juniper Networks Junos OS BGP Byte Order Denial-of-Service (DoS) Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52981 - Juniper Networks Junos OS Denial-of-Service (DoS) vulnerability in flowd

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52982 - Juniper Networks Junos OS MX Series SIP ALG Denial-of-Service Vulnerability

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52983 - Juniper Networks Junos OS Public Key Authentication Bypass

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52984 - Juniper Networks Junos OS and Junos OS Evolved NULL Pointer Dereference Vulnerability in Routing Protocol Daemon (rpd)

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52985 - Juniper Networks Junos OS Evolved Prefix List Bypass

Fri, 11 Jul 2025 16:15:00 GMT

CVE-2025-52958 - Juniper Networks Junos OS and Junos OS Evolved Reachable Assertion BGP Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52963 - Juniper Networks Junos OS Improper Access Control Denial-of-Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52964 - "Juniper Networks Junos OS and Junos OS Evolved Reachable Assertion Denial of Service Vulnerability"

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52994 - Apache PhpThumb OS Command Injection

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2023-38327 - eGroupWare User Enumeration Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2023-38329 - eGroupWare Cross-Site Scripting (XSS) Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-30661 - Juniper Networks Junos OS Incorrect Permission Assignment for Critical Resource Privilege Escalation

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-48924 - Apache Commons Lang Uncontrolled Recursion Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52089 - TOTOLINK N300RB Command Injection Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52946 - Juniper Networks Junos OS and Junos OS Evolved BGP AS PATH Use After Free Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52947 - Juniper Networks Junos OS ACX Series Improper Exception Handling Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52948 - Juniper Networks Junos OS BPF Exceptional Condition Handling Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52949 - Juniper Networks Junos OS and Junos OS Evolved BGP Improper Length Parameter Handling Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52950 - Juniper Networks Security Director Missing Authorization Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52951 - Juniper Networks Junos OS IPv6 Firewall Bypass Protection Mechanism Failure

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52952 - Juniper Networks Junos OS CFM Daemon Out-of-Bounds Write Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52953 - Juniper Networks Junos OS and Junos OS Evolved BGP UPDATE Packet Processing Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52954 - Juniper Networks Junos OS Evolved Missing Authorization Root Privilege Escalation Vulnerability

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-52955 - Juniper Networks Junos OS Buffer Overflow Denial of Service

Fri, 11 Jul 2025 15:15:00 GMT

CVE-2025-51591 - Pandoc SSRF Vulnerability

Fri, 11 Jul 2025 14:15:00 GMT

CVE-2025-53861 - Ansible Cookie Transmission Vulnerability

Fri, 11 Jul 2025 13:15:00 GMT

CVE-2025-53862 - Ansible Unauthenticated Information Disclosure

Fri, 11 Jul 2025 13:15:00 GMT

CVE-2025-6788 - Apache TGML Diagram Resource Exposure Vulnerability

Fri, 11 Jul 2025 12:15:00 GMT

CVE-2025-50124 - Apache Server Privilege Escalation Vulnerability

Fri, 11 Jul 2025 11:15:00 GMT

CVE-2025-50125 - Apache Server-Side Request Forgery (SSRF) Remote Code Execution

Fri, 11 Jul 2025 11:15:00 GMT

CVE-2025-3933 - Hugging Face Transformers DonutProcessor ReDoS Vulnerability

Fri, 11 Jul 2025 10:15:00 GMT

CVE-2025-50121 - Apache HTTP Server OS Command Injection

Fri, 11 Jul 2025 10:15:00 GMT

CVE-2025-50122 - OpenSSH Root Password Discovery Vulnerability

Fri, 11 Jul 2025 10:15:00 GMT

CVE-2025-50123 - Juniper Networks Code Injection Vulnerability

Fri, 11 Jul 2025 10:15:00 GMT

CVE-2025-6438 - Apache SOAP XML External Entity Reference Vulnerability

Fri, 11 Jul 2025 09:15:00 GMT

CVE-2025-6838 - WordPress Broken Link Notifier CSV Injection Vulnerability

Fri, 11 Jul 2025 09:15:00 GMT

CVE-2025-6851 - "WordPress Broken Link Notifier SSRF"

Fri, 11 Jul 2025 09:15:00 GMT

CVE-2025-4593 - WordPress WP Register Profile With Shortcode Sensitive Information Exposure

Fri, 11 Jul 2025 08:15:00 GMT

CVE-2025-5530 - WPC Smart Compare for WooCommerce Stored Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 08:15:00 GMT

CVE-2025-6068 - FooGallery WordPress Stored Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 08:15:00 GMT

CVE-2025-6745 - WoodMart WordPress Information Exposure Vulnerability

Fri, 11 Jul 2025 08:15:00 GMT

CVE-2025-7442 - "Wordpress Gym Management System SQL Injection Vulnerability"

Fri, 11 Jul 2025 08:15:00 GMT

CVE-2025-5028 - ESET Windows Installation File Privilege Escalation Vulnerability

Fri, 11 Jul 2025 07:15:00 GMT

CVE-2025-5392 - "WordPress GB Forms DB Remote Code Execution"

Fri, 11 Jul 2025 07:15:00 GMT

CVE-2025-5992 - Qt QColorTransferGenericFunction ICC Profile Denial of Service

Fri, 11 Jul 2025 07:15:00 GMT

CVE-2025-6716 - WordPress Photos Plugin Stored Cross-Site Scripting

Fri, 11 Jul 2025 07:15:00 GMT

CVE-2025-30024 - Apache HTTP Server SSL/TLS Man-in-the-Middle Attack

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-30025 - Apache Service Control Local Privilege Escalation

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-30026 - AXIS Camera Station Authentication Bypass Vulnerability

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-6200 - GeoDirectory Stored Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-2942 - WordPress Order Delivery Date Information Disclosure Vulnerability

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-30023 - Apache Server Remote Code Execution Vulnerability

Fri, 11 Jul 2025 06:15:00 GMT

CVE-2025-7401 - WordPress Premium Age Verification/Restriction Remote File Read/Write Vulnerability

Fri, 11 Jul 2025 05:15:00 GMT

CVE-2025-53848 - Apache HTTP Server Cross-Site Request Forgery

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-53849 - Apache HTTP Server Remote Code Execution

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-53850 - OpenVAS Scanner Not Used

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-53851 - "Apache Struts Unvalidated Deserialization"

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-53852 - Apache HTTP Server Remote Code Execution

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-7436 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Fri, 11 Jul 2025 04:15:00 GMT

CVE-2025-53864 - Connect2id Nimbus JOSE+JWT Denial of Service Recursive JSON Object Vulnerability

Fri, 11 Jul 2025 03:16:00 GMT

CVE-2025-7435 - LiveHelperChat lhc-php-resque Extension Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 03:16:00 GMT

CVE-2025-7434 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Fri, 11 Jul 2025 02:15:00 GMT

CVE-2025-5241 - Mitsubishi Electric Corporation MELSEC iQ-F Series Account Lockout Bypass

Fri, 11 Jul 2025 01:15:00 GMT

CVE-2025-7421 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow Vulnerability

Fri, 11 Jul 2025 01:15:00 GMT

CVE-2025-7422 - Tenda O3V2 HTTPD Stack-Based Buffer Overflow Vulnerability

Fri, 11 Jul 2025 01:15:00 GMT

CVE-2025-7423 - Tenda O3V2 Stack-Based Buffer Overflow Vulnerability

Fri, 11 Jul 2025 01:15:00 GMT

CVE-2025-7420 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53475 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53509 - Advantech iView Argument Injection Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53515 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53519 - Advantech iView Reflected Cross-Site Scripting (XSS) Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-50109 - Emerson ValveLink Cleartext Data Exposure

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-52459 - Advantech iView Argument Injection Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-52577 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-52579 - Emerson ValveLink Information Disclosure

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53397 - Advantech iView Reflected Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-53471 - Emerson ValveLink Input Validation Bypass

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-41442 - Advantech iView Reflected Cross-Site Scripting Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-46358 - Emerson ValveLink Inadequate Protection Mechanism Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-46704 - Advantech iView Directory Traversal Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-48496 - Emerson ValveLink Path Traversal Vulnerability

Fri, 11 Jul 2025 00:15:00 GMT

CVE-2025-48891 - Advantech iView SQL Injection

Fri, 11 Jul 2025 00:15:00 GMT

Data leak at Centre National de la Fonction Publique Territoriale

Fri Jul 11 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-7418 - Tenda O3V2 HTTPd destIP Stack-Based Buffer Overflow

Thu, 10 Jul 2025 23:15:00 GMT

CVE-2025-7419 - Tenda O3V2 HTTPd DestIP Stack-Based Buffer Overflow

Thu, 10 Jul 2025 23:15:00 GMT

CVE-2025-1727 - Amtrak FRED Protocol BCH Checksum Vulnerability

Thu, 10 Jul 2025 23:15:00 GMT

CVE-2025-31267 - Apple App Store Connect Physical Access Authentication Bypass

Thu, 10 Jul 2025 23:15:00 GMT

CVE-2025-24798 - Meshtastic Route Crash Vulnerability (Denial of Service)

Thu, 10 Jul 2025 22:15:00 GMT

CVE-2025-53637 - Meshtastic Code Injection Vulnerability

Thu, 10 Jul 2025 22:15:00 GMT

CVE-2025-6392 - Brocade SANnav Clear Text Database Password Logging Vulnerability

Thu, 10 Jul 2025 22:15:00 GMT

CVE-2025-7416 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow Vulnerability

Thu, 10 Jul 2025 22:15:00 GMT

CVE-2025-7417 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow

Thu, 10 Jul 2025 22:15:00 GMT

CVE-2025-2521 - Honeywell Experion PKS and OneWireless WDM Remote Code Execution Buffer Overflow

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-2522 - Honeywell Experion PKS and OneWireless WDM Sensitive Information Disclosure and Communication Channel Manipulation Vulnerability

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-2523 - "Honeywell Experion PKS and OneWireless WDM Integer Underflow Vulnerability Allows Remote Code Execution"

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-3946 - Honeywell Experion PKS and OneWireless WDM Remote Code Execution via Input Data Manipulation

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-3947 - Honeywell Experion PKS Control Data Access Integer Underflow Denial of Service

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-4662 - Brocade SANnav Plaintext Passphrase Disclosure

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-6390 - Brocade SANnav Password Storage Vulnerability

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-7414 - Tenda O3V2 HTTPd Os Command Injection Vulnerability

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-7415 - Tenda O3V2 HTTPd Command Injection Vulnerability

Thu, 10 Jul 2025 21:15:00 GMT

CVE-2025-53630 - LLama Integer Overflow Leads to Heap Out-of-Bounds Read/Write

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53632 - Chall-Manager Zip Slip Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53633 - Chall-Manager Zip Bomb Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53634 - Chall-Manager Unauthenticated HTTP Gateway Slow Loris Denial of Service

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-7021 - OpenAI Operator SaaS Fullscreen API Spoofing and UI Redressing

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-7412 - "Code-Projects Library System Unrestricted File Upload Vulnerability"

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-7413 - Code-projects Library System Unrestricted File Upload Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34098 - Riverbed SteelHead VCX Path Traversal Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34099 - "VICIdial Command Injection Vulnerability"

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34100 - BuilderEngine Unauthenticated Remote Code Execution via Unrestricted File Upload

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34101 - Serviio Media Server Unauthenticated Command Injection Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34102 - "CryptoLog PHP Remote Code Execution via Chained SQL Injection and Command Injection"

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-45662 - Mpgram Web XSS Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53506 - Apache Tomcat HTTP/2 Uncontrolled Resource Consumption Denial of Service

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53628 - cpp-httplib Unbounded Line Memory Allocation Buffer Overflow

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53629 - cpp-httplib Chunked Request Memory Exhaustion Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-2520 - Honeywell Experion PKS Uninitialized Variable Denial of Service

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34093 - Polycom HDX Series Telnet Command Shell Injection Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34095 - Mako Server OS Command Injection Vulnerability

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34096 - Easy File Sharing HTTP Server HTTP Stack Buffer Overflow

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-34097 - ProcessMaker Unrestricted File Upload Vulnerability (Remote Code Execution)

Thu, 10 Jul 2025 20:15:00 GMT

CVE-2025-53625 - MediaWiki DynamicPageList3 Username Information Disclosure Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53626 - Pdfme Expression Evaluation Sandbox Escape and Prototype Pollution Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53709 - "Apache Secure-Upload Token Validation Bypass, Privilege Escalation, and Information Disclosure Vulnerabilities"

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-7411 - Code-projects LifeStyle Store SQL Injection Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-28243 - Alteryx Server HTML Injection Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-28244 - Alteryx Server Insecure Permissions Local Storage Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-28245 - Alteryx Server XSS Injection

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-52434 - Apache Tomcat APR/Native Connector HTTP/2 Race Condition

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-52473 - Liboqs HQC Key Encapsulation Mechanism Secret-Dependent Branch Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-52520 - Apache Tomcat Integer Overflow DoS

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-52521 - Trend Micro Security Link Following Local Privilege Escalation Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-52837 - Trend Micro Password Manager Link Following Privilege Escalation Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53378 - Trend Micro Worry-Free Business Security Services Agent Unauthenticated Remote Command Execution Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53503 - Trend Micro Cleaner One Pro Privilege Escalation Vulnerability

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53542 - "Kubernetes Headlamp macOS Packaging Command Injection Vulnerability"

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53549 - Matrix Rust SDK SQL Injection

Thu, 10 Jul 2025 19:15:00 GMT

CVE-2025-53371 - DiscordNotifications SSRF and DOS

Thu, 10 Jul 2025 18:15:00 GMT

CVE-2025-49462 - Zoom Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-49463 - Zoom iOS Network Information Disclosure Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-49464 - Zoom Windows Denial of Service Buffer Overflow

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-49630 - Apache HTTP Server mod_proxy_http2 Denial of Service Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-49812 - Apache HTTP Server mod_ssl TLS Desynchronisation Hijack Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-53020 - Apache HTTP Server Memory Disclosure

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-7409 - Code-projects Mobile Shop SQL Injection Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-7410 - Code-projects LifeStyle Store SQL Injection Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2024-42516 - Apache HTTP Server HTTP Response Splitting

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2024-43204 - Apache HTTP Server mod_proxy SSRF

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2024-43394 - Apache HTTP Server Windows SSRF NTLM Hash Leak

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2024-47252 - Apache HTTP Server mod_ssl Untrusted Client Data Injection

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-23048 - Apache HTTP Server mod_ssl TLS 1.3 Session Resumption Access Control Bypass

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-27889 - Wing FTP Server URL Parameter Injection

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-47811 - Wing FTP Server Privilege Escalation Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-47812 - Wing FTP Server Lua Code Injection Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-47813 - Wing FTP Server Path Disclosure Vulnerability

Thu, 10 Jul 2025 17:15:00 GMT

CVE-2025-46788 - Zoom Workplace Certificate Validation Information Disclosure Vulnerability

Thu, 10 Jul 2025 16:15:00 GMT

CVE-2025-46789 - Zoom Windows Buffer Overflow Denial of Service

Thu, 10 Jul 2025 16:15:00 GMT

CVE-2025-53364 - Parse Server GraphQL API Unauthenticated Schema Introspection

Thu, 10 Jul 2025 16:15:00 GMT

CVE-2025-6395 - GnuTLS NULL Pointer Dereference Vulnerability

Thu, 10 Jul 2025 16:15:00 GMT

CVE-2025-7365 - Keycloak Email Hijacking Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-7370 - Libsoup Cookie Parsing NULL Pointer Dereference Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-7408 - SourceCodester Zoo Management System Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-46835 - Git GUI Directory Traversal Write Permission Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2024-37524 - IBM Analytics Content Hub Information Disclosure

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2024-38327 - IBM Analytics Content Hub Exposed JavaScript Source Map Information Disclosure

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2024-39752 - IBM Analytics Content Hub File Upload Vulnerability (Remote Code Execution)

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-27613 - Gitk File Truncation Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-27614 - Gitk Command Injection Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-36090 - IBM Analytics Content Hub Information Disclosure Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-44251 - Ecovacs Deebot Wi-Fi Credential Transmission Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2025-46334 - Git GUI Path Injection Vulnerability

Thu, 10 Jul 2025 15:15:00 GMT

CVE-2024-36697 - Allworx System Software Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 14:15:00 GMT

CVE-2025-7407 - Netgear D6400 OS Command Injection Vulnerability

Thu, 10 Jul 2025 14:15:00 GMT

CVE-2025-7424 - "Libxslt Type Confusion Memory Corruption Vulnerability"

Thu, 10 Jul 2025 14:15:00 GMT

CVE-2025-7425 - Libxslt Heap Corruption Vulnerability

Thu, 10 Jul 2025 14:15:00 GMT

CVE-2025-6211 - "DocugamiReader MD5 Hash Collision Vulnerability"

Thu, 10 Jul 2025 13:15:00 GMT

CVE-2025-5037 - Autodesk Revit Memory Corruption Vulnerability

Thu, 10 Jul 2025 12:15:00 GMT

CVE-2025-5040 - Autodesk Revit Heap-Based Overflow Vulnerability

Thu, 10 Jul 2025 12:15:00 GMT

Microsoft, Cybermalveillance.gouv.fr and the cybercrime section of the Paris Public Prosecutor's Office call for mobilization against fake technical support scams

Thu, 10 Jul 2025 10:22:00 GMT

CVE-2024-7650 - OpenText Directory Services Code Injection Vulnerability

Thu, 10 Jul 2025 10:15:00 GMT

CVE-2025-32990 - GnuTLS Heap-Buffer-Overflow Vulnerability

Thu, 10 Jul 2025 10:15:00 GMT

CVE-2025-5022 - Mitsubishi Electric Corporation EcoGuideTAB PV-DR004J/PV-DR004JA Wi-Fi Password Derivation Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-5023 - Mitsubishi Electric Corporation EcoGuideTAB Photovoltaic System Monitor Hard-coded Credentials Backdoor

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-6168 - GitLab EE Group-level User Invitation Bypass Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-6948 - GitLab Cross-Site Scripting (XSS) Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38335 - Linux Kernel gpio-keys Soft Lockup Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38336 - VIA ata DMA Hard Hang Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38337 - Linux Kernel jbd2 Null Pointer Dereference and Data Race Vulnerability

h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race was reported in my fuzzer:

==================================================================
BUG: KCSAN: data-race in jbd2_journal_dirty_metadata / jbd2_journal_dirty_metadata

write to 0xffff888011024104 of 4 bytes by task 10881 on cpu 1:
 jbd2_journal_dirty_metadata+0x2a5/0x770 fs/jbd2/transaction.c:1556
 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358
 ext4_do_update_inode fs/ext4/inode.c:5220 [inline]
 ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869
 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074
 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103
 ....

read to 0xffff888011024104 of 4 bytes by task 10880 on cpu 0:
 jbd2_journal_dirty_metadata+0xf2/0x770 fs/jbd2/transaction.c:1512
 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358
 ext4_do_update_inode fs/ext4/inode.c:5220 [inline]
 ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869
 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074
 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103
 ....

value changed: 0x00000000 -> 0x00000001
==================================================================

This issue is caused by missing data-race annotation for jh->b_modified. Therefore, the missing annotation needs to be added.

Severity: 0.0 | NA

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38338 - "NFS Linux Kernel Deadlock and Unlocked Folio Vulnerability"

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38339 - Linux Kernel PowerPC BPF Trampoline JIT Code Size Calculation Vulnerability

idx] > (u32 *)rw_image_end - BPF_INSN_SAFETY)) { So, during the dummy pass, instead of providing some arbitrary image location, account for maximum possible instructions if and when there is a dependency with image location for JIT'ing. Severity: 0.0 | NA

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38340 - "Linux Firmware cs_dsp Out-of-Bounds Memory Read Vulnerability"

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38341 - Linux Kernel Eth fbnic Double Free Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38342 - Linux Kernel Out-of-Bounds Vulnerability in software_node_get_reference_args

prop->length)'. Severity: 0.0 | NA

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38343 - "TP-Link MT76 WiFi Driver Multicast Broadcast RA Fragmentation Vulnerability"

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38344 - Intel ACPI Cache Leak

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38345 - "Intel Virtual Box ACPICA Illegal I/O Port Address/Length Vulnerability"

[ 0.585957] ACPI: Added _OSI(Module Device)
>[ 0.587218] ACPI: Added _OSI(Processor Device)
>[ 0.588530] ACPI: Added _OSI(3.0 _SCP Extensions)
>[ 0.589790] ACPI: Added _OSI(Processor Aggregator Device)
>[ 0.591534] ACPI Error: Illegal I/O port address/length above 64K: C806E00000004002/0x2 (20170303/hwvalid-155)
>[ 0.594351] ACPI Exception: AE_LIMIT, Unable to initialize fixed events (20170303/evevent-88)
>[ 0.597858] ACPI: Unable to start the ACPI Interpreter
>[ 0.599162] ACPI Error: Could not remove SCI handler (20170303/evmisc-281)
>[ 0.601836] kmem_cache_destroy Acpi-Operand: Slab cache still has objects
>[ 0.603556] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.12.0-rc5 #26
>[ 0.605159] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006
>[ 0.609177] Call Trace:
>[ 0.610063] ? dump_stack+0x5c/0x81
>[ 0.611118] ? kmem_cache_destroy+0x1aa/0x1c0
>[ 0.612632] ? acpi_sleep_proc_init+0x27/0x27
>[ 0.613906] ? acpi_os_delete_cache+0xa/0x10
>[ 0.617986] ? acpi_ut_delete_caches+0x3f/0x7b
>[ 0.619293] ? acpi_terminate+0xa/0x14
>[ 0.620394] ? acpi_init+0x2af/0x34f
>[ 0.621616] ? __class_create+0x4c/0x80
>[ 0.623412] ? video_setup+0x7f/0x7f
>[ 0.624585] ? acpi_sleep_proc_init+0x27/0x27
>[ 0.625861] ? do_one_initcall+0x4e/0x1a0
>[ 0.627513] ? kernel_init_freeable+0x19e/0x21f
>[ 0.628972] ? rest_init+0x80/0x80
>[ 0.630043] ? kernel_init+0xa/0x100
>[ 0.631084] ? ret_from_fork+0x25/0x30
>[ 0.633343] vgaarb: loaded
>[ 0.635036] EDAC MC: Ver: 3.0.0
>[ 0.638601] PCI: Probing PCI hardware
>[ 0.639833] PCI host bridge to bus 0000:00
>[ 0.641031] pci_bus 0000:00: root bus resource [io 0x0000-0xffff]
> ... Continue to boot and log is omitted ...

I analyzed this memory leak in detail and found acpi_ds_obj_stack_pop_and_delete() function miscalculated the top of the stack. acpi_ds_obj_stack_push() function uses walk_state->operand_index for start position of the top, but acpi_ds_obj_stack_pop_and_delete() function considers index 0 for it. Therefore, this causes acpi operand memory leak. This cache leak causes a security threat because an old kernel ( 4.9) shows memory locations of kernel functions in stack dump. Some malicious users could use this information to neutralize kernel ASLR. I made a patch to fix ACPI operand cache leak.

Severity: 0.0 | NA

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38346 - Linux kernel ftrace UAF Vulnerability

Will trigger UAF as test.ko already removed; ftrace_mod_get_kallsym() ... strscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN); ... The problem is when a module triggers an issue with ftrace and sets ftrace_disable. The ftrace_disable is set when an anomaly is discovered and to prevent any more damage, ftrace stops all text modification. The issue that happened was that the ftrace_disable stops more than just the text modification. When a module is loaded, its init functions can also be traced. Because kallsyms deletes the init functions after a module has loaded, ftrace saves them when the module is loaded and function tracing is enabled. This allows the output of the function trace to show the init function names instead of just their raw memory addresses. When a module is removed, ftrace_release_mod() is called, and if ftrace_disable is set, it just returns without doing anything more. The problem here is that it leaves the mod_list still around and if kallsyms is called, it will call into this code and access the module memory that has already been freed as it will return: strscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN); Where the "mod" no longer exists and triggers a UAF bug. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>]]>

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38347 - F2FS Inline Data Corruption Denial of Service (DoS) Vulnerability

/proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor140 state:D stack:24016 pid:5308 tgid:5308 ppid:5306 task_flags:0x400140 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5378 [inline] __schedule+0x190e/0x4c90 kernel/sched/core.c:6765 __schedule_loop kernel/sched/core.c:6842 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6857 io_schedule+0x8d/0x110 kernel/sched/core.c:7690 folio_wait_bit_common+0x839/0xee0 mm/filemap.c:1317 __folio_lock mm/filemap.c:1664 [inline] folio_lock include/linux/pagemap.h:1163 [inline] __filemap_get_folio+0x147/0xb40 mm/filemap.c:1917 pagecache_get_page+0x2c/0x130 mm/folio-compat.c:87 find_get_page_flags include/linux/pagemap.h:842 [inline] f2fs_grab_cache_page+0x2b/0x320 fs/f2fs/f2fs.h:2776 __get_node_page+0x131/0x11b0 fs/f2fs/node.c:1463 read_xattr_block+0xfb/0x190 fs/f2fs/xattr.c:306 lookup_all_xattrs fs/f2fs/xattr.c:355 [inline] f2fs_getxattr+0x676/0xf70 fs/f2fs/xattr.c:533 __f2fs_get_acl+0x52/0x870 fs/f2fs/acl.c:179 f2fs_acl_create fs/f2fs/acl.c:375 [inline] f2fs_init_acl+0xd7/0x9b0 fs/f2fs/acl.c:418 f2fs_init_inode_metadata+0xa0f/0x1050 fs/f2fs/dir.c:539 f2fs_add_inline_entry+0x448/0x860 fs/f2fs/inline.c:666 f2fs_add_dentry+0xba/0x1e0 fs/f2fs/dir.c:765 f2fs_do_add_link+0x28c/0x3a0 fs/f2fs/dir.c:808 f2fs_add_link fs/f2fs/f2fs.h:3616 [inline] f2fs_mknod+0x2e8/0x5b0 fs/f2fs/namei.c:766 vfs_mknod+0x36d/0x3b0 fs/namei.c:4191 unix_bind_bsd net/unix/af_unix.c:1286 [inline] unix_bind+0x563/0xe30 net/unix/af_unix.c:1379 __sys_bind_socket net/socket.c:1817 [inline] __sys_bind+0x1e4/0x290 net/socket.c:1848 __do_sys_bind net/socket.c:1853 [inline] __se_sys_bind net/socket.c:1851 [inline] __x64_sys_bind+0x7a/0x90 net/socket.c:1851 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Let's dump and check metadata of corrupted inode, it shows its xattr_nid is the same to its i_ino. 
dump.f2fs -i 3 chaseyu.img.raw
i_xattr_nid [0x 3 : 3]

So that, during mknod in the corrupted directory, it tries to get and lock inode page twice, result in deadlock.

- f2fs_mknod
 - f2fs_add_inline_entry
  - f2fs_get_inode_page --- lock dir's inode page
  - f2fs_init_acl
   - f2fs_acl_create(dir,..)
    - __f2fs_get_acl
     - f2fs_getxattr
      - lookup_all_xattrs
       - __get_node_page --- try to lock dir's inode page

In order to fix this, let's add sanity check on ino and xnid.

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38348 - "Intersil p54 WiFi Interface Buffer Overflow Vulnerability"

v1.len, p54_rx_eeprom_readback() will copy data from the
|message beyond the end of priv->eeprom.
|
|static void p54_rx_eeprom_readback(struct p54_common *priv,
|                                   struct sk_buff *skb)
|{
|        struct p54_hdr *hdr = (struct p54_hdr *) skb->data;
|        struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;
|
|        if (priv->fw_var >= 0x509) {
|                memcpy(priv->eeprom, eeprom->v2.data,
|                       le16_to_cpu(eeprom->v2.len));
|        } else {
|                memcpy(priv->eeprom, eeprom->v1.data,
|                       le16_to_cpu(eeprom->v1.len));
|        }
| [...]

The eeprom->v{1,2}.len is set by the driver in p54_download_eeprom(). The device is supposed to provide the same length back to the driver. But yes, it's possible (like shown in the report) to alter the value to something that causes a crash/panic due to overrun.

This patch addresses the issue by adding the size to the common device context, so p54_rx_eeprom_readback no longer relies on possibly tampered values... That said, it also checks if the "firmware" altered the value and no longer copies them.

The one, small saving grace is: Before the driver tries to read the eeprom, it needs to upload >a firmware. the vendor firmware has a proprietary license and as a reason, it is not present on most distributions by default.

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-3396 - GitLab EE API Request Forgery Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-4972 - GitLab EE Group Invitation Privilege Escalation Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38332 - IBM lpfc String Buffer Overflow Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38333 - F2FS Linux Kernel Inconsistent Segment Status Information Disclosure

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38334 - Linux Kernel SGX: Poisoned Page Reclaimer Vulnerability

poison set in arch_memory_failure() but they currently stay on sgx_active_page_list until sgx_encl_release(), with the SGX_EPC_PAGE_RECLAIMER_TRACKED flag untouched. epc_page->poison is not checked in the reclaimer logic meaning that, if other conditions are met, an attempt will be made to reclaim an EPC page that was poisoned. This is bad because 1. we don't want that page to end up added to another enclave and 2. it is likely to cause one core to shut down and the kernel to panic. Specifically, reclaiming uses microcode operations including "EWB" which accesses the EPC page contents to encrypt and write them out to non-SGX memory. Those operations cannot handle MCEs in their accesses other than by putting the executing core into a special shutdown state (affecting both threads with HT.) The kernel will subsequently panic on the remaining cores seeing the core didn't enter MCE handler(s) in time. Call sgx_unmark_page_reclaimable() to remove the affected EPC page from sgx_active_page_list on memory error to stop it being considered for reclaiming. Testing epc_page->poison in sgx_reclaim_pages() would also work but I assume it's better to add code in the less likely paths. The affected EPC page is not added to &node->sgx_poison_page_list until later in sgx_encl_release()->sgx_free_epc_page() when it is EREMOVEd. Membership on other lists doesn't change to avoid changing any of the lists' semantics except for sgx_active_page_list. There's a "TBD" comment in arch_memory_failure() about pre-emptive actions, the goal here is not to address everything that it may imply. This also doesn't completely close the time window when a memory error notification will be fatal (for a not previously poisoned EPC page) -- the MCE can happen after sgx_reclaim_pages() has selected its candidates or even *inside* a microcode operation (actually easy to trigger due to the amount of time spent in them.) 
The spinlock in sgx_unmark_page_reclaimable() is safe because memory_failure() runs in process context and no spinlocks are held, explicitly noted in a mm/memory-failure.c comment.

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38330 - Linux Kernel Firmware cs_dsp Out-of-Bounds Memory Read Vulnerability

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-38331 - "Cortina Ethernet NetEngine TCP Offload Engine Segmentation Quirk"

len to the "TOE/TSO" offloader and it will handle them. Without this quirk the driver becomes unstable and lock up and crash. I do not know exactly why, but it is probably due to the TOE (TCP offload engine) feature that is coupled with the segmentation feature - it is not possible to turn one part off and not the other, either both TOE and TSO are active, or neither of them. Not having the TOE part active seems detrimental, as if that hardware feature is not really supposed to be turned off.

The datasheet says: "Based on packet parsing and TCP connection/NAT table lookup results, the NetEngine puts the packets belonging to the same TCP connection to the same queue for the software to process. The NetEngine puts incoming packets to the buffer or series of buffers for a jumbo packet. With this hardware acceleration, IP/TCP header parsing, checksum validation and connection lookup are offloaded from the software processing."

After numerous tests with the hardware locking up after something between minutes and hours depending on load using iperf3 I have concluded this is necessary to stabilize the hardware.

Thu, 10 Jul 2025 09:15:00 GMT

CVE-2025-6234 - Hostel WordPress Reflected Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 06:15:00 GMT

CVE-2025-6236 - Hostel WordPress Stored Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 06:15:00 GMT

CVE-2025-7387 - Lana Downloads Manager Stored Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 06:15:00 GMT

CVE-2023-50458 - Dradis Output Console Job Queue Information Disclosure

Thu, 10 Jul 2025 04:15:00 GMT

CVE-2025-35983 - Cisco Controller 7000 Certificate Validation Denial of Service

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-44003 - Gallagher T-Series Reader Resource Exhaustion Denial of Service

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-46406 - "Schneider Electric Command Centre Server Privilege Escalation"

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53746 - Apache HTTP Server Unvalidated User Input

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53747 - Citrix WebApp

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53748 - Apache HTTP Server Authentication Bypass

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53749 - Not used Weblogic Server Authentication Bypass

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53750 - Apache HTTP Server Authentication Bypass

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53751 - Adobe Flash Unvalidated User Input

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53752 - Apache HTTP Server Unvalidated User Input

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-53753 - Apple Safari Cross-Site Scripting

Thu, 10 Jul 2025 03:15:00 GMT

CVE-2025-4406 - WordPress wpForo Forum Stored Cross-Site Scripting

Thu, 10 Jul 2025 02:15:00 GMT

CVE-2025-5807 - WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

Thu, 10 Jul 2025 02:15:00 GMT

CVE-2024-10391 - Apache HTTP Server Remote Code Execution

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-0139 - Palo Alto Networks Autonomous Digital Experience Manager Privilege Escalation Vulnerability

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-0140 - Palo Alto Networks GlobalProtect App Privilege Escalation Vulnerability

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-0141 - Palo Alto Networks GlobalProtect™ App Privilege Escalation Vulnerability

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-0646 - Apache HTTP Server Command Injection

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-6970 - WordPress Events Manager SQL Injection

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-6975 - WordPress Events Manager - Reflected Cross-Site Scripting Vulnerability

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-6976 - WordPress Events Manager - Stored Cross-Site Scripting Vulnerability

Wed, 09 Jul 2025 23:15:00 GMT

CVE-2025-53624 - Docusaurus GitHub Gists Plugin Exposes Personal Access Tokens

Wed, 09 Jul 2025 21:15:00 GMT

CVE-2025-6376 - Rockwell Automation Arena® Remote Code Execution Vulnerability

Wed, 09 Jul 2025 21:15:00 GMT

CVE-2025-6377 - Rockwell Automation Arena® Remote Code Execution Vulnerability

Wed, 09 Jul 2025 21:15:00 GMT

CVE-2025-52357 - FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

Wed, 09 Jul 2025 20:15:00 GMT

CVE-2021-27961 - Evesys Reflected Cross-Site Scripting (XSS)

Wed, 09 Jul 2025 19:15:00 GMT

CVE-2025-36599 - Dell PowerFlex Manager VM Log File Information Disclosure

Wed, 09 Jul 2025 19:15:00 GMT

CVE-2025-53620 - Builder.io Qwik City Denial of Service (DoS)

Wed, 09 Jul 2025 19:15:00 GMT

CVE-2025-53548 - Clerk Webhook Signature Validation Bypass

Wed, 09 Jul 2025 18:15:00 GMT

CVE-2025-44525 - Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK BLE Denial of Service Vulnerability

Wed, 09 Jul 2025 17:15:00 GMT

CVE-2025-53645 - Zimbra Collaboration Suite Denial of Service Vulnerability

Wed, 09 Jul 2025 17:15:00 GMT

CVE-2025-53675 - Jenkins Warrior Framework Plugin Unencrypted Password Storage Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53676 - Jenkins Xooa Plugin Unencrypted Configuration File Storage

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53677 - Jenkins Xooa Plugin Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53678 - Jenkins uTester Plugin JWT Token Storage Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53742 - Jenkins Applitools Eyes Plugin API Key Exposure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53743 - Jenkins Applitools Eyes Plugin API Key Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-7381 - Apache PHP Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53667 - Jenkins Dead Man's Snitch Plugin Token Disclosure Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53668 - Jenkins VAddy Plugin Unencrypted API Auth Key Storage

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53669 - Jenkins VAddy Plugin Information Disclosure Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53670 - Jenkins Nouvola DiveCloud Plugin Unencrypted Credentials Storage Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53671 - Jenkins Nouvola DiveCloud Plugin Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53672 - Jenkins Kryptowire Plugin Unencrypted API Key Storage

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53673 - Jenkins Sensedia Api Platform tools Plugin Credentials Exposure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53674 - Jenkins Sensedia Api Platform tools Plugin Information Disclosure Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53663 - Jenkins IBM Cloud DevOps Plugin Unencrypted Token Storage Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53664 - Jenkins Apica Loadtest Plugin Unencrypted Authentication Token Storage Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53665 - Jenkins Apica Loadtest Plugin Authentication Token Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53666 - Jenkins Dead Man's Snitch Plugin Unencrypted Token Storage

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53660 - Jenkins QMetry Test Management Plugin Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53661 - Jenkins Testsigma Test Plan Run Plugin API Key Exposure Vulnerability

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53662 - Jenkins IFTTT Build Notifier Plugin Authentication Bypass

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53659 - Jenkins QMetry Test Management Plugin API Key Exposure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53657 - Jenkins ReadyAPI Functional Testing Plugin Information Disclosure

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-53658 - Jenkins Applitools Eyes Plugin Stored XSS

Wed, 09 Jul 2025 16:15:00 GMT

CVE-2025-1112 - IBM OpenPages with Watson Information Disclosure Vulnerability

Wed, 09 Jul 2025 15:15:00 GMT

CVE-2025-2670 - IBM OpenPages Information Disclosure Vulnerability

Wed, 09 Jul 2025 15:15:00 GMT

CVE-2025-52364 - Tenda CP3 Pro Telnet Insecure Permissions Vulnerability

Wed, 09 Jul 2025 15:15:00 GMT

CVE-2025-53546 - GitHub Folo GitHub Token Exfiltration Vulnerability

Wed, 09 Jul 2025 15:15:00 GMT

CVE-2025-7204 - ConnectWise PSA: Unauthenticated Password Hash Disclosure

Wed, 09 Jul 2025 15:15:00 GMT

CVE-2025-6514 - MCP-remote OS Command Injection Vulnerability

Wed, 09 Jul 2025 13:15:00 GMT

CVE-2025-38246 - "Broadcom bnxt Enet XDP Redirect List Corruption Vulnerability"

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38247 - "Linux Kernel User Namespace and Mnt Idmap Leak"

mnt_userns. Failing do_mount_setattr() does not change that. As the result, we can end up leaking userns and possibly mnt_idmap as well.

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38248 - Linux Kernel Bridge Use-After-Free Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38249 - ALSA USB Audio Out-of-Bounds Read Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38250 - "Bluetooth hci_core Use-After-Free Vulnerability"

dev->driver_data. The problem is that there is no synchronisation after unlinking hdev from hci_dev_list in hci_unregister_dev(). There might be another thread still accessing the hdev which was fetched before the unlink operation. We can use SRCU for such synchronisation. Let's run hci_dev_reset() under SRCU and wait for its completion in hci_unregister_dev().

Another option would be to restore hci_dev->destruct(), which was removed in commit 587ae086f6e4 ("Bluetooth: Remove unused hci-destruct cb"). However, this would not be a good solution, as we should not run hci_unregister_dev() while there are in-flight ioctl() requests, which could lead to another data-race KCSAN splat.

Note that other drivers seem to have the same problem, for example, virtbt_remove().

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38251 - Linux ATM Clip NULL Pointer Dereference Vulnerability

truesize.

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38252 - Linux Kernel CXL Driver - Unvalidated Assumption Handler

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38253 - Wacom HID Linux Kernel Crash Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38254 - AMD Linux Kernel EDID Handling Buffer Overflow

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38255 - Linux Kernel null_blk Configfs Null Pointer Dereference Vulnerability

poll_queues will trigger following panic:

BUG: kernel NULL pointer dereference, address: 0000000000000010
Oops: Oops: 0000 [#1] SMP NOPTI
CPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014
RIP: 0010:__bitmap_or+0x48/0x70
Call Trace:
 __group_cpus_evenly+0x822/0x8c0
 group_cpus_evenly+0x2d9/0x490
 blk_mq_map_queues+0x1e/0x110
 null_map_queues+0xc9/0x170 [null_blk]
 blk_mq_update_queue_map+0xdb/0x160
 blk_mq_update_nr_hw_queues+0x22b/0x560
 nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]
 nullb_device_poll_queues_store+0xa4/0x130 [null_blk]
 configfs_write_iter+0x109/0x1d0
 vfs_write+0x26e/0x6f0
 ksys_write+0x79/0x180
 __x64_sys_write+0x1d/0x30
 x64_sys_call+0x45c4/0x45f0
 do_syscall_64+0xa5/0x240
 entry_SYSCALL_64_after_hwframe+0x76/0x7e

Root cause is that numgrps is set to 0, and ZERO_SIZE_PTR is returned from kcalloc(), and later ZERO_SIZE_PTR will be dereferenced.

Fix the problem by checking numgrps first in group_cpus_evenly(), and return NULL directly if numgrps is zero.

[yukuai3@huawei.com: also fix the non-SMP version]

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38256 - Linux Kernel io_uring Folio Unpinning Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38257 - IBM s390 Memory Corruption Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38258 - Linux Kernel Memcg Path Memory Leak

memcg_path on write memcg_path_store() assigns a newly allocated memory buffer to filter->memcg_path, without deallocating the previously allocated and assigned memory buffer. As a result, users can leak kernel memory by continuously writing data to memcg_path DAMOS sysfs file. Fix the leak by deallocating the previously set memory buffer.

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38259 - Linux Kernel ASoC Wcd9335 Regulator Leaks Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38260 - Linux Btrfs rescue=ibadroots null pointer dereference vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38261 - Linux RISC-V SR_SUM Status Vulnerability

set_child_tid)
        put_user(task_pid_vnr(current), current->set_child_tid);
...
}

the put_user() macro causes the code sequence to come out as follows:

1: __enable_user_access()
2: reg = task_pid_vnr(current);
3: *current->set_child_tid = reg;
4: __disable_user_access()

The problem is that we may have a sleeping function as argument which could clear SR_SUM causing the panic above. This was fixed by evaluating the argument of the put_user() macro outside the user-enabled section in commit 285a76bb2cf5 ("riscv: evaluate put_user() arg before enabling user access")"

In order for riscv to take advantage of unsafe_get/put_XXX() macros and to avoid the same issue we had with put_user() and sleeping functions we must ensure code flow can go through switch_to() from within a region of code with SR_SUM enabled and come back with SR_SUM still enabled. This patch addresses the problem allowing future work to enable full use of unsafe_get/put_XXX() macros without needing to take a CSR bit flip cost on every access. Make switch_to() save and restore SR_SUM.

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38262 - Linux UARTlite Concurrency Race Null Pointer Dereference

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38263 - Linux bcache NULL Pointer Dereference Vulnerability

devices = kcalloc(c->nr_uuids, sizeof(void *), GFP_KERNEL)) ||
1861         mempool_init_slab_pool(&c->search, 32, bch_search_cache) ||
1862         mempool_init_kmalloc_pool(&c->bio_meta, 2,
1863                 sizeof(struct bbio) + sizeof(struct bio_vec) *
1864                 bucket_pages(c)) ||
1865         mempool_init_kmalloc_pool(&c->fill_iter, 1, iter_size) ||
1866         bioset_init(&c->bio_split, 4, offsetof(struct bbio, bio),
1867                 BIOSET_NEED_BVECS|BIOSET_NEED_RESCUER) ||
1868         !(c->uuids = alloc_bucket_pages(GFP_KERNEL, c)) ||
1869         !(c->moving_gc_wq = alloc_workqueue("bcache_gc",
1870                 WQ_MEM_RECLAIM, 0)) ||
1871         bch_journal_alloc(c) ||
1872         bch_btree_cache_alloc(c) ||
1873         bch_open_buckets_alloc(c) ||
1874         bch_bset_sort_state_init(&c->sort, ilog2(c->btree_pages)))
1875                 goto err;
                     ^^^^^^^^
1876
...
1883         return c;
1884 err:
1885         bch_cache_set_unregister(c);
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^
1886         return NULL;
1887 }
...
2078 static const char *register_cache_set(struct cache *ca)
2079 {
...
2098         c = bch_cache_set_alloc(&ca->sb);
2099         if (!c)
2100                 return err;
                     ^^^^^^^^^^
...
2128         ca->set = c;
2129         ca->set->cache[ca->sb.nr_this_dev] = ca;
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
2138         return NULL;
2139 err:
2140         bch_cache_set_unregister(c);
2141         return err;
2142 }

(1) If LINE#1860 - LINE#1874 is true, then do 'goto err'(LINE#1875) and call bch_cache_set_unregister()(LINE#1885).
(2) As (1) return NULL(LINE#1886), LINE#2098 - LINE#2100 would return.
(3) As (2) has returned, LINE#2128 - LINE#2129 would do *not* give the value to c->cache[], it means that c->cache[] is NULL.

LINE#1624 - LINE#1665 is some codes about function of cache_set_flush(). As (1), in LINE#1885 call
bch_cache_set_unregister()
---> bch_cache_set_stop()
---> closure_queue()
-.-> cache_set_flush() (as below LINE#1624)

1624 static void cache_set_flush(struct closure *cl)
1625 {
...
1654         for_each_cache(ca, c, i)
1655                 if (ca->alloc_thread)
                         ^^
1656                         kthread_stop(ca->alloc_thread);
...
1665 }

(4) In LINE#1655 ca is NULL(see (3)) in cache_set_flush() then the kernel crash occurred as below:

[ 846.712887] bcache: register_cache() error drbd6: cannot allocate memory
[ 846.713242] bcache: register_bcache() error : failed to register device
[ 846.713336] bcache: cache_set_free() Cache set 2f84bdc1-498a-4f2f-98a7-01946bf54287 unregistered
[ 846.713768] BUG: unable to handle kernel NULL pointer dereference at 00000000000009f8
[ 846.714790] PGD 0 P4D 0
[ 846.715129] Oops: 0000 [#1] SMP PTI
[ 846.715472] CPU: 19 PID: 5057 Comm: kworker/19:16 Kdump: loaded Tainted: G OE --------- - - 4.18.0-147.5.1.el8_1.5es.3.x86_64 #1
[ 846.716082] Hardware name: ESPAN GI-25212/X11DPL-i, BIOS 2.1 06/15/2018
[ 846.716451] Workqueue: events cache_set_flush [bcache]
[ 846.716808] RIP: 0010:cache_set_flush+0xc9/0x1b0 [bcache]
[ 846.717155] Code: 00 4c 89 a5 b0 03 00 00 48 8b 85 68 f6 ff ff a8 08 0f 84 88 00 00 00 31 db 66 83 bd 3c f7 ff ff 00 48 8b 85 48 ff ff ff 74 28 8b b8 f8 09 00 0
---truncated---

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38264 - NVIDIA nvme-tcp Request List Injection Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38241 - Red Hat Linux Kernel ZRAM Soft Lockup Vulnerability

/sys/kernel/mm/transparent_hugepage/hugepages-64kB/enabled
swapon /dev/zram0 # zram0 is a 48G swap device
mkdir -p /sys/fs/cgroup/memory/test
echo 1G > /sys/fs/cgroup/test/memory.max
echo $BASHPID > /sys/fs/cgroup/test/cgroup.procs
while true; do
    dd if=/dev/zero of=/tmp/test.img bs=1M count=5120
    cat /tmp/test.img > /dev/null
    rm /tmp/test.img
done

Then after a while:

watchdog: BUG: soft lockup - CPU#0 stuck for 763s! [cat:5787]
Modules linked in: zram virtiofs
CPU: 0 UID: 0 PID: 5787 Comm: cat Kdump: loaded Tainted: G L 6.15.0.orig-gf3021d9246bc-dirty #118 PREEMPT(voluntary)·
Tainted: [L]=SOFTLOCKUP
Hardware name: Red Hat KVM/RHEL-AV, BIOS 0.0.0 02/06/2015
RIP: 0010:mpol_shared_policy_lookup+0xd/0x70
Code: e9 b8 b4 ff ff 31 c0 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 41 54 55 53 8b 1f 48 85 db 74 41 4c 8d 67 08 48 89 fb 48 89 f5 4c 89 e7 e8
RSP: 0018:ffffc90002b1fc28 EFLAGS: 00000202
RAX: 00000000001c20ca RBX: 0000000000724e1e RCX: 0000000000000001
RDX: ffff888118e214c8 RSI: 0000000000057d42 RDI: ffff888118e21518
RBP: 000000000002bec8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000bf4 R11: 0000000000000000 R12: 0000000000000001
R13: 00000000001c20ca R14: 00000000001c20ca R15: 0000000000000000
FS: 00007f03f995c740(0000) GS:ffff88a07ad9a000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f03f98f1000 CR3: 0000000144626004 CR4: 0000000000770eb0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
 shmem_alloc_folio+0x31/0xc0
 shmem_swapin_folio+0x309/0xcf0
 ? filemap_get_entry+0x117/0x1e0
 ? xas_load+0xd/0xb0
 ? filemap_get_entry+0x101/0x1e0
 shmem_get_folio_gfp+0x2ed/0x5b0
 shmem_file_read_iter+0x7f/0x2e0
 vfs_read+0x252/0x330
 ksys_read+0x68/0xf0
 do_syscall_64+0x4c/0x1c0
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f03f9a46991
Code: 00 48 8b 15 81 14 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8 20 ad 01 00 f3 0f 1e fa 80 3d 35 97 10 00 00 74 13 31 c0 0f 05 3d 00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec
RSP: 002b:00007fff3c52bd28 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f03f9a46991
RDX: 0000000000040000 RSI: 00007f03f98ba000 RDI: 0000000000000003
RBP: 00007fff3c52bd50 R08: 0000000000000000 R09: 00007f03f9b9a380
R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000
R13: 00007f03f98ba000 R14: 0000000000000003 R15: 0000000000000000

The reason is simple, readahead brought some order 0 folio in swap cache, and the swapin mTHP folio being allocated is in conflict with it, so swapcache_prepare fails and causes shmem_swap_alloc_folio to return -EEXIST, and shmem simply retries again and again causing this loop.

Fix it by applying a similar fix for anon mTHP swapin.

The performance change is very slight, time of swapin 10g zero folios with shmem (test for 12 times):
Before: 2.47s
After: 2.48s

[kasong@tencent.com: add comment]

Severity: 0.0 | NA

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38242 - Linux Kernel Userfaultfd Swap Cache Vulnerability

...
// folio A is a new allocated folio
// and get installed into src_pte
// src_pte now points to folio A, S1
// has swap count == 0, it can be freed
// by folio_swap_swap or swap
// allocator's reclaim.
// folio B is a folio in another VMA.
// S1 is freed, folio B can use it
// for swap out with no problem.
...
folio = filemap_get_folio(S1)
// Got folio B here !!!
... interrupted again> ...
// Now S1 is free to be used again.
// Now src_pte is a swap entry PTE
// holding S1 again.
folio_trylock(folio)
move_swap_pte
  double_pt_lock
  is_pte_pages_stable
  // Check passed because src_pte == S1
  folio_move_anon_rmap(...)
  // Moved invalid folio B here !!!

The race window is very short and requires multiple collisions of multiple rare events, so it's very unlikely to happen, but with a deliberately constructed reproducer and increased time window, it can be reproduced easily.

This can be fixed by checking if the folio returned by filemap is the valid swap cache folio after acquiring the folio lock.

Another similar race is possible: filemap_get_folio may return NULL, but folio (A) could be swapped in and then swapped out again using the same swap entry after the lookup. In such a case, folio (A) may remain in the swap cache, so it must be moved too:

CPU1                               CPU2
userfaultfd_move
  move_pages_pte()
    entry = pte_to_swp_entry(orig_src_pte);
    // Here it got entry = S1, and S1 is not in swap cache
    folio = filemap_get ---truncated---

Severity: 0.0 | NA

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38243 - "Linux Btrfs Null Pointer Dereference Vulnerability"

vfs_inode); which results in an invalid inode pointer that triggers an invalid memory access, resulting in a crash. Fix this by making sure we don't do such dereferences.

Severity: 0.0 | NA

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38244 - Samba SMB vulnerability - Deadlock in SMB Client

srv_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x134/0x200

but task is already holding lock:
ffff888119c64330 (&ret_buf->chan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (&ret_buf->chan_lock){+.+.}-{3:3}:
       validate_chain+0x1cf/0x270
       __lock_acquire+0x60e/0x780
       lock_acquire.part.0+0xb4/0x1f0
       _raw_spin_lock+0x2f/0x40
       cifs_setup_session+0x81/0x4b0
       cifs_get_smb_ses+0x771/0x900
       cifs_mount_get_session+0x7e/0x170
       cifs_mount+0x92/0x2d0
       cifs_smb3_do_mount+0x161/0x460
       smb3_get_tree+0x55/0x90
       vfs_get_tree+0x46/0x180
       do_new_mount+0x1b0/0x2e0
       path_mount+0x6ee/0x740
       do_mount+0x98/0xe0
       __do_sys_mount+0x148/0x180
       do_syscall_64+0xa4/0x260
       entry_SYSCALL_64_after_hwframe+0x76/0x7e

-> #1 (&ret_buf->ses_lock){+.+.}-{3:3}:
       validate_chain+0x1cf/0x270
       __lock_acquire+0x60e/0x780
       lock_acquire.part.0+0xb4/0x1f0
       _raw_spin_lock+0x2f/0x40
       cifs_match_super+0x101/0x320
       sget+0xab/0x270
       cifs_smb3_do_mount+0x1e0/0x460
       smb3_get_tree+0x55/0x90
       vfs_get_tree+0x46/0x180
       do_new_mount+0x1b0/0x2e0
       path_mount+0x6ee/0x740
       do_mount+0x98/0xe0
       __do_sys_mount+0x148/0x180
       do_syscall_64+0xa4/0x260
       entry_SYSCALL_64_after_hwframe+0x76/0x7e

-> #0 (&tcp_ses->srv_lock){+.+.}-{3:3}:
       check_noncircular+0x95/0xc0
       check_prev_add+0x115/0x2f0
       validate_chain+0x1cf/0x270
       __lock_acquire+0x60e/0x780
       lock_acquire.part.0+0xb4/0x1f0
       _raw_spin_lock+0x2f/0x40
       cifs_signal_cifsd_for_reconnect+0x134/0x200
       __cifs_reconnect+0x8f/0x500
       cifs_handle_standard+0x112/0x280
       cifs_demultiplex_thread+0x64d/0xbc0
       kthread+0x2f7/0x310
       ret_from_fork+0x2a/0x230
       ret_from_fork_asm+0x1a/0x30

other info that might help us debug this:

Chain exists of:
  &tcp_ses->srv_lock --> &ret_buf->ses_lock --> &ret_buf->chan_lock

Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ret_buf->chan_lock);
                               lock(&ret_buf->ses_lock);
                               lock(&ret_buf->chan_lock);
  lock(&tcp_ses->srv_lock);

 *** DEADLOCK ***

3 locks held by cifsd/6055:
 #0: ffffffff857de398 (&cifs_tcp_ses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x7b/0x200
 #1: ffff888119c64060 (&ret_buf->ses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x9c/0x200
 #2: ffff888119c64330 (&ret_buf->chan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200

Severity: 0.0 | NA

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38245 - "Google Compute Engine atm Device Registration Vulnerability"

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-38239 - Megaraid SAS Array Index Out-of-Bounds Vulnerability

Wed, 09 Jul 2025 11:15:00 GMT

CVE-2025-27027 - Radiflow iSAP Smart Collector Rbash Bypass Vulnerability

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-27028 - Radiflow iSAP Smart Collector Linux Privilege Escalation

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-3497 - Radiflow iSAP Smart Collector EOL Vulnerability

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-3498 - Radiflow iSAP Smart Collector Unauthenticated Remote Command Execution and Configuration Modification

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-3499 - Apache OS Command Injection Vulnerability

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-7379 - DataSync Center Reverse Tabnabbing Security Bypass

Wed, 09 Jul 2025 09:15:00 GMT

CVE-2025-7220 - Campcodes Payroll Management System SQL Injection

Wed, 09 Jul 2025 07:15:00 GMT

CVE-2025-7378 - ASUSTOR ADM NAS Configuration File Injection Vulnerability

Wed, 09 Jul 2025 07:15:00 GMT

CVE-2025-6691 - "WordPress SureForms Arbitrary File Deletion Vulnerability"

Wed, 09 Jul 2025 06:15:00 GMT

CVE-2025-6742 - "SureForms WordPress PHP Object Injection Vulnerability"

Wed, 09 Jul 2025 06:15:00 GMT

CVE-2025-7218 - Campcodes Payroll Management System SQL Injection Vulnerability

Wed, 09 Jul 2025 06:15:00 GMT

CVE-2025-7219 - Campcodes Payroll Management System SQL Injection

Wed, 09 Jul 2025 06:15:00 GMT

CVE-2025-7215 - FNKvision FNK-GU2 Cleartext Storage of Sensitive Information Vulnerability

Wed, 09 Jul 2025 05:15:00 GMT

CVE-2025-7216 - "Lty628 Aidigu PHP Object Handler Deserialization Vulnerability"

Wed, 09 Jul 2025 05:15:00 GMT

CVE-2025-7217 - Campcodes Payroll Management System SQL Injection Vulnerability

Wed, 09 Jul 2025 05:15:00 GMT

CVE-2025-4606 - Sala - Startup SaaS WordPress Theme Privilege Escalation Vulnerability

Wed, 09 Jul 2025 04:16:00 GMT

CVE-2025-7059 - WordPress Simple Featured Image Stored Cross-Site Scripting

Wed, 09 Jul 2025 04:16:00 GMT

CVE-2025-7214 - FNKvision FNK-GU2 MD5 Cryptographic Algorithm Vulnerability

Wed, 09 Jul 2025 04:16:00 GMT

CVE-2025-53685 - Apache HTTP Server Remote Code Execution

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53686 - Apache HTTP Server Cross-Site Request Forgery (CSRF)

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53687 - Apache HTTP Server Unvalidated User Input

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53688 - Apache HTTP Server Cross-Site Request Forgery

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-7211 - "Code-Projects LifeStyle Store SQL Injection Vulnerability"

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-7212 - iSourcecode Insurance Management System SQL Injection

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-7213 - FNKvision FNK-GU2 UART Interface Debug Interface Access Control Vulnerability

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53682 - Apache Struts Unvalidated Redirect to Malicious Server

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53683 - Apache HTTP Server Unvalidated User Input

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-53684 - Apache HTTP Server Cross-Site Request Forgery

Wed, 09 Jul 2025 03:15:00 GMT

CVE-2025-5678 - Kadence WP Gutenberg Blocks with AI Stored Cross-Site Scripting

Wed, 09 Jul 2025 02:15:00 GMT

CVE-2025-7210 - Apache Ros Library Management System File Upload Vulnerability

Wed, 09 Jul 2025 02:15:00 GMT

CVE-2025-7209 - Plan9port Null Pointer Dereference Vulnerability

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-34077 - WordPress Pie Register Plugin Authentication Bypass and Remote Code Execution

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-34083 - WordPress AIT CSV Import/Export Unrestricted File Upload Vulnerability

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-34084 - BoldGrid Backup WordPress Unauthenticated Information Disclosure

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-34085 - WordPress Simple File List PHP Unrestricted File Upload RCE

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-7207 - mruby Heap-Based Buffer Overflow Vulnerability

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-7208 - Plan9port X509 Heap Buffer Overflow Vulnerability

Wed, 09 Jul 2025 01:15:00 GMT

CVE-2025-4828 - WordPress Support Board Plugin Arbitrary File Deletion Vulnerability

Wed, 09 Jul 2025 00:15:00 GMT

CVE-2025-4855 - WordPress Support Board Plugin Unauthenticated Data Access and Modification

Wed, 09 Jul 2025 00:15:00 GMT

CVE-2025-7206 - D-Link DIR-825 HTTPd Stack-Based Buffer Overflow

Wed, 09 Jul 2025 00:15:00 GMT

CVE-2025-3780 - WooCommerce WCFM - Unauthenticated Data Modification Vulnerability

Wed, 09 Jul 2025 00:15:00 GMT

CVE-2025-7199 - Apache Code-projects Library System SQL Injection Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-7200 - Krishna9772 Pharmacy Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47122 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47123 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47124 - Adobe Framemaker Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47125 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47126 - Adobe Framemaker Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47127 - Adobe Framemaker Out-of-Bounds Write Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47128 - Adobe Framemaker Integer Underflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47129 - Adobe Framemaker Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47130 - Adobe Framemaker Integer Underflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47131 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47132 - Adobe Framemaker Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47133 - Adobe Framemaker Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2024-56468 - IBM InfoSphere Data Replication VSAM for z/OS Remote Source Denial of Service (DoS) Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47097 - Adobe InCopy Integer Underflow Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47098 - Adobe InCopy Uninitialized Pointer Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47099 - Adobe InCopy Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47119 - Adobe Framemaker NULL Pointer Dereference Denial-of-Service Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47120 - Adobe Framemaker Stack-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-47121 - Adobe Framemaker Uninitialized Pointer Access Vulnerability

Tue, 08 Jul 2025 23:15:00 GMT

CVE-2025-53547 - Helm Chart File Execution Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-6759 - Citrix Windows Virtual Delivery Agent System Privilege Escalation Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-7197 - Jonnys Liquor SQL Injection Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-7198 - Jonnys Liquor SQL Injection Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-27165 - Substance3D Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-27203 - Adobe Connect Deserialization of Untrusted Data Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-30313 - Adobe Illustrator Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-43591 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-43592 - Adobe InDesign Uninitialized Pointer Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-43594 - Adobe InDesign Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-47103 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-47134 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-47136 - Adobe InDesign Integer Underflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49524 - Adobe Illustrator NULL Pointer Dereference Denial of Service Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49525 - Adobe Illustrator Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49526 - Adobe Illustrator Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49527 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49528 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49529 - Adobe Illustrator Uninitialized Pointer Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49530 - Adobe Illustrator Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49531 - Adobe Illustrator Integer Overflow Arbitrary Code Execution Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49532 - Adobe Illustrator Integer Underflow Arbitrary Code Execution

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49533 - Adobe Experience Manager MS Deserialization of Untrusted Data Vulnerability

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49534 - Adobe Experience Manager Stored XSS

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-49547 - Adobe Experience Manager Stored XSS

Tue, 08 Jul 2025 22:15:00 GMT

CVE-2025-43582 - Substance3D Heap-based Buffer Overflow Vulnerability in Viewer

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-43583 - Substance3D Viewer NULL Pointer Dereference DoS Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-43584 - Substance3D Out-of-Bounds Read Vulnerability in Viewer

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49535 - Adobe ColdFusion XXE Security Feature Bypass

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49536 - ColdFusion Incorrect Authorization Security Feature Bypass

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49537 - ColdFusion OS Command Injection Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49538 - ColdFusion XML Injection File System Read Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49539 - ColdFusion XXE Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49540 - ColdFusion Stored XSS Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49541 - ColdFusion Stored Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49542 - Adobe ColdFusion Reflected Cross-Site Scripting (XSS) Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49543 - ColdFusion Stored XSS

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49544 - ColdFusion XXE Security Feature Bypass

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49545 - ColdFusion SSRF File System Read

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49546 - ColdFusion Improper Access Control Denial-of-Service Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-49551 - ColdFusion Hard-coded Credentials Privilege Escalation

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-7030 - Drupal Two-factor Authentication (TFA) Privilege Escalation Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-7031 - Drupal Config Pages Viewer Missing Authentication Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-7194 - D-Link DI-500WF Stack-Based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-7196 - Jonnys Liquor SQL Injection Vulnerability

Tue, 08 Jul 2025 21:15:00 GMT

CVE-2025-37103 - HPE Networking Instant On Access Points Hard-Coded Login Credentials Vulnerability

Tue, 08 Jul 2025 20:15:00 GMT

CVE-2025-53355 - "Kubernetes MCP Server Command Injection Vulnerability"

Tue, 08 Jul 2025 20:15:00 GMT

CVE-2025-7192 - D-Link DIR-645 Command Injection Vulnerability

Tue, 08 Jul 2025 20:15:00 GMT

CVE-2025-7193 - iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

Tue, 08 Jul 2025 20:15:00 GMT

CVE-2025-7191 - Code-projects Student Enrollment System SQL Injection Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2023-43039 - IBM OpenPages with Watson Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2024-49783 - IBM OpenPages with Watson Cryptographic Data Extraction Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2024-49784 - IBM OpenPages with Watson Cryptographic Weakness

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-27367 - IBM OpenPages with Watson Input Validation Bypass

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-27369 - IBM OpenPages with Watson Information Disclosure Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-37102 - HPE Networking Instant On Access Points Command Injection Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-48384 - Git Symlink Execution Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-48385 - Git Bundle Protocol Injection Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-48386 - Git Wincred Buffer Overflow Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-7190 - Apache Code-projects Library Management System Unrestricted File Upload Vulnerability

Tue, 08 Jul 2025 19:15:00 GMT

CVE-2025-0928 - Juju Unauthorized Agent Binary Upload Vulnerability

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-30312 - Dimension File Parsing Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-47135 - Dimension File Handler Out-of-Bounds Read Vulnerability (ASLR Bypass)

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-4663 - Brocade Fabric OS SSH Session Termination DoS

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-53479 - Mediawiki CheckUser Reflected Cross-Site Scripting

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-7188 - Code-projects Chat System SQL Injection Vulnerability

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-7189 - Code-projects Chat System SQL Injection Vulnerability

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-7362 - Mediawiki MsUpload Stored XSS

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-7363 - MediaWiki TitleIcon Stored XSS

Tue, 08 Jul 2025 18:15:00 GMT

CVE-2025-49760 - Microsoft Windows Storage Path Traversal Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-53512 - Juju Controller Debug Information Disclosure Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-53513 - Juju Charm Zip Slip Unauthorized Upload Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-7186 - "Code-projects Chat System SQL Injection Vulnerability"

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-7187 - Code-Projects Chat System SQL Injection Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49723 - Windows StateRepository API Authorization Bypass

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49724 - Windows Connected Devices Platform Service Use-After-Free Remote Code Execution Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49725 - Windows Notification Use-After-Free Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49726 - Windows Notification Use-After-Free Privilege Escalation

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49727 - Windows Win32K GRFX Heap-based Buffer Overflow Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49729 - Windows Routing and Remote Access Service (RRAS) Heap-based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49730 - Microsoft Windows QoS Scheduler TOCTOU Race Condition Privilege Escalation

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49731 - Microsoft Teams Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49732 - Microsoft Graphics Component Heap-Based Buffer Overflow Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49733 - Windows Win32K ICOMP Use-After-Free Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49735 - "Microsoft Windows KPSSVC Use-After-Free Code Execution Vulnerability"

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49737 - Microsoft Teams Privilege Escalation Race Condition

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49738 - Microsoft PC Manager Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49739 - Visual Studio Link Following Privilege Escalation Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49740 - Microsoft Windows SmartScreen Bypass Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49742 - Microsoft Graphics Component Integer Overflow Remote Code Execution

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49744 - Microsoft Graphics Component Heap Buffer Overflow Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49753 - Windows Routing and Remote Access Service (RRAS) Heap Buffer Overflow

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49756 - Microsoft Office Developer Platform Cryptographic Algorithm Bypass Vulnerability

Tue, 08 Jul 2025 17:16:00 GMT

CVE-2025-49722 - Windows Print Spooler Unauthenticated Denial of Service

Tue, 08 Jul 2025 17:15:00 GMT

CVE-2024-52965 - Fortinet FortiOS and FortiProxy Authentication Bypass

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2024-55599 - FortiOS DNS Filter Bypass Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-24474 - FortiManager FortiAnalyzer SQL Injection Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-29267 - Abis, Inc Adjutant Core Accounting ERP SQL Injection

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-2793 - IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-2827 - IBM Sterling File Gateway Information Disclosure

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-36600 - Dell Client Platform BIOS Local Code Execution Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-3630 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Stored Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-53372 - Node-Code-Sandbox-MCP Command Injection Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-53480 - Mediawiki CheckUser Extension Reflected XSS Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-53545 - Frappe Press Two-Factor Authentication Bypass Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-5450 - Ivanti Connect Secure Certificate Management Component Access Control Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-5451 - Ivanti Connect Secure Stack-Based Buffer Overflow Denial of Service

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-5463 - Ivanti Connect Secure and Ivanti Policy Secure Sensitive Information Disclosure

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-6770 - Ivanti Endpoint Manager Mobile OS Command Injection

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-6995 - Ivanti Endpoint Manager Password Decryption Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-6996 - Ivanti Endpoint Manager Password Decryption Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-7037 - Ivanti Endpoint Manager SQL Injection Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-7182 - iSourcecode Student Transcript Processing System Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-7183 - Campcodes Sales and Inventory System SQL Injection Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-7326 - Microsoft ASP.NET Core Privilege Escalation Vulnerability

Tue, 08 Jul 2025 15:15:00 GMT

CVE-2025-47422 - Advanced Installer Local Privilege Escalation Vulnerability

Tue, 08 Jul 2025 14:15:00 GMT

CVE-2025-7180 - Apache Code-projects Staff Audit System SQL Injection Vulnerability

Tue, 08 Jul 2025 14:15:00 GMT

CVE-2025-7181 - "Unrestricted File Upload Vulnerability in Staff Audit System"

Tue, 08 Jul 2025 14:15:00 GMT

CVE-2025-7345 - Adobe Gdk Buffer Overflow Vulnerability

Tue, 08 Jul 2025 14:15:00 GMT

CVE-2025-21432 - Apache IoT Gateway Buffer Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21433 - Citrix ADC SSL/TLS Denial of Service

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21444 - Cisco EMAC Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21445 - VMware ESXi Heap-Based Buffer Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21446 - Cisco Wireless LAN DOS Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21449 - Cisco Wireless Router Denial of Service (DoS)

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21450 - Cisco WebEx Man-in-the-Middle Attack

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21454 - Aruba Wireless Beacon Frame Processing Stack Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21466 - Apache Kafka Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27042 - Cisco Video Firmware Heap Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27043 - Samsung Video Firmware Buffer Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27044 - Apache FFmpeg Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27046 - Apache Struts Heap Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27047 - Apache Tomcat Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27050 - Apache Kafka Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27051 - Cisco WLAN Host Buffer Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27052 - Juniper Networks NetScreen Debug Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27055 - Adobe Photoshop Buffer Overflow

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27056 - Apache Tomcat Use-After-Free Memory Corruption Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27057 - Aruba Networks Wireless DOS Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27058 - Cisco IOS Denial of Service

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-27061 - Cisco Video Firmware Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-50130 - FUJI ELECTRIC CO., LTD. V-SFT/TELLUS Heap-Based Buffer Overflow Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-7178 - Code-projects Food Distributor Site SQL Injection Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-7179 - Code-Projects Library System SQL Injection Vulnerability

Tue, 08 Jul 2025 13:15:00 GMT

CVE-2025-21002 - LeAudioService Auracast Access Control Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21003 - Apple Emergency SOS Sensitive Information Disclosure

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21004 - Samsung Galaxy Watch Intent Verification Vulnerability (Remote Code Execution)

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21005 - Android Isenburg Telephony Access Control Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21006 - Android MPEG4 Codec Out-of-Bounds Write Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21007 - Android Libsavsvc Out-of-Bounds Write

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21008 - Android Libsavsvc Out-of-Bounds Read

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-21009 - Android libsavsvc.so Out-of-bounds Read Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-23364 - TIA Administrator Code Signing Certificate Validation Bypass

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-23365 - TIA Administrator Privilege Escalation (Path Traversal)

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-27127 - Siemens TIA Project-Server File Upload Denial of Service Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40593 - Siemens SIMATIC CN 4100 SFTP File Write Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40735 - SINEC NMS SQL Injection Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40736 - SINEC NMS Authentication Bypass Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40737 - SINEC NMS File Path Validation Vulnerability (Arbitrary File Write/Execution)

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40738 - SINEC NMS File Path Validation Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40739 - Solid Edge SE Heap-Based Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40740 - Solid Edge Out-of-Bounds Read Code Execution Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40741 - Solid Edge Stack-Based Overflow Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-40742 - Siemens SIPROTEC 5 Session Information Disclosure Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-41222 - RUGGEDCOM TLS Denial of Service Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-41223 - Huawei RUGGEDCOM TLS CBC Timing Attack

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-41224 - Ruggedcom Unauthenticated Interface Access Bypass

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-7174 - Code-Projects Library System SQL Injection Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-7175 - Code-projects E-Commerce Site Unrestricted File Upload Vulnerability

Tue, 08 Jul 2025 11:15:00 GMT

CVE-2025-7170 - Crime Reporting System SQL Injection Vulnerability

Tue, 08 Jul 2025 09:15:00 GMT

CVE-2025-7171 - Crime Reporting System SQL Injection Vulnerability

Tue, 08 Jul 2025 09:15:00 GMT

CVE-2025-38236 - Linux Unix af_unix Use-After-Free Vulnerability

= unix_skb_len(skb)) { skip -= unix_skb_len(skb); skb = skb_peek_next(skb, &sk->sk_receive_queue); ... }

In addition to this use-after-free, there is another issue that ioctl(SIOCATMARK) does not function properly with consecutive consumed OOB skbs. So, nothing good comes out of such a situation.

Instead of complicating manage_oob(), ioctl() handling, and the next ECONNRESET fix by introducing a loop for consecutive consumed OOB skbs, let's not leave such consecutive OOB unnecessarily. Now, while receiving an OOB skb in unix_stream_recv_urg(), if its previous skb is a consumed OOB skb, it is freed.

[0]:
BUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027)
Read of size 4 at addr ffff888106ef2904 by task python3/315

CPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014
Call Trace:
 dump_stack_lvl (lib/dump_stack.c:122)
 print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)
 kasan_report (mm/kasan/report.c:636)
 unix_stream_read_actor (net/unix/af_unix.c:3027)
 unix_stream_read_generic (net/unix/af_unix.c:2708 net/unix/af_unix.c:2847)
 unix_stream_recvmsg (net/unix/af_unix.c:3048)
 sock_recvmsg (net/socket.c:1063 (discriminator 20) net/socket.c:1085 (discriminator 20))
 __sys_recvfrom (net/socket.c:2278)
 __x64_sys_recvfrom (net/socket.c:2291 (discriminator 1) net/socket.c:2287 (discriminator 1) net/socket.c:2287 (discriminator 1))
 do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))
 entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

Allocated by task 315:
 kasan_save_stack (mm/kasan/common.c:48)
 kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))
 __kasan_slab_alloc (mm/kasan/common.c:348)
 kmem_cache_alloc_
---truncated---

Severity: 0.0 | NA

Tue, 08 Jul 2025 08:15:00 GMT


CVE-2025-38237 - Samsung Exynos4 Linux Kernel Interrupt Handling Vulnerability

Tue, 08 Jul 2025 08:15:00 GMT

CVE-2025-7168 - Apache Crime Reporting System SQL Injection Vulnerability

Tue, 08 Jul 2025 08:15:00 GMT

CVE-2025-7169 - Code-projects Crime Reporting System SQL Injection Vulnerability

Tue, 08 Jul 2025 08:15:00 GMT

CVE-2025-24002 - Cisco Charging Station MQTT Denial-of-Service Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-24003 - Siemens EichrechtAgent MQTT Out-of-Bounds Write Denial-of-Service

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-24004 - Cisco Switch USB-C Buffer Overflow Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-24005 - Apache SSH Privilege Escalation Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-24006 - Cisco SSH Privilege Escalation Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-25268 - Apache API Unauthenticated Configuration Modification

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-25269 - Apache Command Injection Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-25270 - Cisco IOS Remote Code Execution Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-25271 - EVgo OCPP Configuration Interface Insecure Defaults

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-41665 - Siemens SIMATIC S7-1200 Watchdog Reboot Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-41666 - Apache Watchdog File Access Bypass

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-41667 - Aruba Networks File Access Privilege Escalation Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-41668 - Apache Service Security Profile File System Tampering Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-42956 - SAP NetWeaver Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-6743 - WordPress Woodmart Stored Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-6746 - WordPress WoodMart Plugin Local File Inclusion Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-7166 - Code-projects Responsive Blog Site SQL Injection Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-7167 - Code-Projects Responsive Blog Site SQL Injection Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-7346 - Apache Maven Package Tampering Vulnerability

Tue, 08 Jul 2025 07:15:00 GMT

CVE-2025-7164 - PHPGurukul/Campcodes Cyber Cafe Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 06:15:00 GMT

CVE-2025-7165 - PHPGurukul/Campcodes Cyber Cafe Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 06:15:00 GMT

CVE-2025-7327 - Google Reviews for WordPress Directory Traversal Vulnerability

Tue, 08 Jul 2025 06:15:00 GMT

CVE-2025-5957 - WordPress Guest Support Unauthenticated Ticket Deletion Vulnerability

Tue, 08 Jul 2025 05:15:00 GMT

CVE-2025-7162 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 05:15:00 GMT

CVE-2025-7163 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 05:15:00 GMT

CVE-2025-5537 - FooBox Stored Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 05:15:00 GMT

CVE-2025-7160 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 04:15:00 GMT

CVE-2025-7161 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 04:15:00 GMT

CVE-2025-20693 - Intel Wireless LAN STA Driver Out-of-Bounds Read Information Disclosure Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20694 - Intel Bluetooth Denial of Service Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20695 - Qualcomm Bluetooth Denial of Service Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53610 - Cisco WebEx Meeting Server Unvalidated Redirect

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53611 - Cisco Webex Meeting Server Authentication Bypass

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53612 - Apache HTTP Server Denial of Service

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53613 - Apache HTTP Server Unvalidated Request Parameter

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53614 - OpenVAS vulnerability in OpenVAS

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53615 - Apache Struts Unvalidated Redirect to Malicious Site

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53616 - Apache HTTP Server SQL Injection

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-53617 - Apache HTTP Server Request Smuggling

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-5570 - WordPress AI Engine Plugin Stored Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-6244 - Elementor - Stored Cross-Site Scripting in Calendar and Business Reviews Widgets

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-7157 - Code-projects Online Note Sharing SQL Injection

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-7158 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-7159 - PHPGurukul Zoo Management System SQL Injection

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20690 - Qualcomm Wlan AP Driver Out-of-Bounds Read Information Disclosure Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20691 - Qualcomm Wlan AP Driver Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20692 - Qualcomm Wlan AP Driver Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20684 - D-Link WLAN AP Driver Out-of-Bounds Write Privilege Escalation Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20685 - Qualcomm WCN wlan AP Driver Arbitrary Write Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20686 - Aruba WLAN AP Driver Out-of-Bounds Write Remote Code Execution Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20687 - Qualcomm Bluetooth Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20688 - Intel Wireless LAN AP Driver Out-of-Bounds Read Information Disclosure Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-20689 - Intel WCNCR WLAN AP Driver Out-of-Bounds Read Vulnerability

Tue, 08 Jul 2025 03:15:00 GMT

CVE-2025-42959 - Apache HMAC Reuse Replay Attack

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42960 - SAP Business Warehouse and SAP BW/4HANA BEx Tools Authorization Bypass

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42961 - SAP NetWeaver Application Server for ABAP Permissive Access Configuration Privilege Escalation

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42962 - SAP Business Warehouse Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42963 - SAP NetWeaver Application Server for Java Java Object Deserialization Remote Code Execution Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42964 - SAP NetWeaver Enterprise Portal Remote Code Execution Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42965 - SAP CMC Information Disclosure Network Discovery Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42966 - SAP NetWeaver Java Deserialization Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42967 - SAP S/4HANA and SAP SCM Remote Code Execution Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42968 - SAP NetWeaver Information Disclosure

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42969 - SAP NetWeaver Application Server ABAP and ABAP Platform Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42970 - SAPCAR Directory Traversal Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42971 - SAPCAR Out-of-Bounds Memory Corruption Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42973 - SAP Data Services Cross-Site Scripting Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42974 - SAP Function Module Remote Information Disclosure Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42978 - SAP NetWeaver Application Server Java TLS Hostname Validation Bypass

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42979 - SAP GUI for Windows Credentials Obfuscation Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42980 - SAP NetWeaver Enterprise Portal Deserialization Remote Code Execution Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42981 - SAP NetWeaver Application Server ABAP Open Redirect Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42985 - SAP BusinessObjects Content Administrator Workbench Cross-Site Scripting (XSS)

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42986 - SAP BASIS Authentication Bypass

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-42992 - SAPCAR Privilege Escalation Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-43001 - SAPCAR Privilege Escalation Directory Traversal

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-7154 - TOTOLINK N200RE OS Command Injection Vulnerability

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-7155 - PHPGurukul Online Notes Sharing System Cookie Handler SQL Injection

Tue, 08 Jul 2025 01:15:00 GMT

CVE-2025-7150 - Campcodes Advanced Online Voting System SQL Injection

Mon, 07 Jul 2025 23:15:00 GMT

CVE-2025-7151 - Campcodes Advanced Online Voting System Unrestricted File Upload Vulnerability

Mon, 07 Jul 2025 23:15:00 GMT

CVE-2025-7148 - CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 22:15:00 GMT

CVE-2025-7149 - Campcodes Advanced Online Voting System SQL Injection Vulnerability

Mon, 07 Jul 2025 22:15:00 GMT

CVE-2025-7144 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 21:15:00 GMT

CVE-2025-7147 - CodeAstro Patient Record Management System SQL Injection

Mon, 07 Jul 2025 21:15:00 GMT

CVE-2025-53496 - Wikimedia Mediawiki MediaSearch Extension Stored XSS

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-53539 - FastAPI Guard Regular Expression Denial of Service (ReDoS)

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-53540 - Arduino-ESP32 CSRF Vulnerability Allows Remote Code Execution (RCE)

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-53543 - Kestra Stored XSS Vulnerability

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-7142 - SourceCodester Best Salon Management System Cross Site Scripting

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-7143 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 20:15:00 GMT

CVE-2025-53478 - Mediawiki CheckUser Extension Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-53488 - Wikimedia Foundation Mediawiki WikiHiero Extension Stored XSS

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-53495 - Wikimedia Foundation Mediawiki AbuseFilter Extension Authorization Bypass

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-53498 - Wikimedia Foundation Mediawiki AbuseFilter Extension Data Leakage Vulnerability

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-53499 - Wikimedia Foundation Mediawiki AbuseFilter Extension Missing Authorization Vulnerability

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-6044 - Google ChromeOS Lenovo Stylus Tools Improper Access Control

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-7140 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-7141 - SourceCodester Best Salon Management System Cross Site Scripting Vulnerability

Mon, 07 Jul 2025 19:15:00 GMT

CVE-2025-20325 - Splunk Enterprise and Cloud Platform Search Head Cluster Secret Key Exposure

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-53535 - Better Auth Open Redirect Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-53536 - Roo Code Code Execution Vulnerability (Arbitrary Command Injection)

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-7138 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-7139 - SourceCodester Best Salon Management System Cross-Site Scripting

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20323 - Splunk Enterprise Missing Access Control Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20324 - Splunk Enterprise/Cloud Platform System Source Type Configuration Injection Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20321 - Splunk Enterprise CSRF Vulnerability in Search Head Cluster

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20322 - Splunk Enterprise and Splunk Cloud Platform CSRF-Triggered Rolling Restart Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20319 - Splunk Enterprise Remote Command Execution Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20320 - Splunk Enterprise/Splunk Cloud Platform Path Traversal Denial of Service

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2024-37656 - Gnuboard5 Open Redirect Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2024-37657 - Gnuboard5 Open Redirect

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2024-37658 - Gnuboard5 Open Redirect Vulnerability

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2024-43190 - IBM Engineering Requirements Management DOORS Authentication Bypass

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-20300 - Splunk Enterprise/Cloud Platform Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 18:15:00 GMT

CVE-2025-7137 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2024-25176 - LuaJIT Stack Buffer Overflow Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2024-25177 - LuaJIT NULL Metatable IR_FSTORE Denial of Service

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2024-25178 - LuaJIT Stack Overflow Handler Out-of-Bounds Read

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-1351 - IBM Storage Virtualize Privilege Escalation Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-36014 - IBM Integration Bus for z/OS Code Injection Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53377 - WeGIA Charitable Institution Web Manager Reflected Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53491 - Wikimedia Foundation Mediawiki FlaggedRevs Extension Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53497 - Wikimedia Foundation Mediawiki RelatedArticles Extension Stored XSS Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53525 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53526 - WeGIA Web Manager Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53527 - WeGIA Web Manager Blind SQL Injection

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53529 - WeGIA Web Manager SQL Injection Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53530 - Wegia Web Manager HTTP Request Smuggling Denial of Service

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53531 - Wegia Web Manager Long GET Request Denial of Service Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53532 - Giscus Unauthorized Discussion Creation Vulnerability

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-7136 - Campcodes Online Recruitment Management System SQL Injection

Mon, 07 Jul 2025 17:15:00 GMT

CVE-2025-53374 - Dokploy Information Disclosure Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-53375 - Dokploy File Access Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-53376 - Dokploy Docker Command Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-53487 - Mediawiki ApprovedRevs Stored XSS

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-7057 - Wikimedia Foundation Mediawiki Quiz Extension Stored XSS Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-7134 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-7135 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-7259 - MongoDB Server Duplicate _id Field Denial of Service

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-26780 - Samsung Exynos Denial of Service (DoS) Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-32023 - Redis Heap Out-of-Bounds Write Remote Code Execution Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-43931 - Flask Boilerplate Server-Side Request Forgery (SSRF)

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-43932 - Apache JobCenter Unvalidated Host Header Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-43933 - Facebook fblog Server Name Header Injection

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-45065 - Employee Record Management System in PHP and MySQL SQL Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-45479 - EduCoder Container Code Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-47202 - Samsung Exynos RRC Out-of-Bounds Write Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-48367 - Redis Denial of Service Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-52492 - Paxton Paxton10 Twilio API Hard-Coded Credentials Disclosure

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-53373 - Natours Host Header Injection Vulnerability

Mon, 07 Jul 2025 16:15:00 GMT

CVE-2025-6806 - Marvell QConvergeConsole Directory Traversal File Write Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6807 - Marvell QConvergeConsole Directory Traversal Information Disclosure

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6810 - Mescius ActiveReports.NET Deserialization Remote Code Execution

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6811 - Mescius ActiveReports.NET TypeResolutionService Deserialization Remote Code Execution Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-7132 - Campcodes Payroll Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-7133 - CodeAstro Online Movie Ticket Booking System Cross-Site Request Forgery Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-5987 - Libssh ChaCha20 Cipher Context Initialization Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6663 - GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6711 - MongoDB Server Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6712 - MongoDB Server Memory Consumption Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6713 - MongoDB Server Unauthorized Data Access Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6714 - MongoDB Mongos Unresponsive Connections Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6793 - Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6794 - Marvell QConvergeConsole Directory Traversal Remote Code Execution Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6795 - Marvell QConvergeConsole Directory Traversal Information Disclosure

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6796 - Marvell QConvergeConsole Directory Traversal Information Disclosure

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6797 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6798 - Marvell QConvergeConsole Directory Traversal Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6799 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6800 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6801 - Marvell QConvergeConsole Directory Traversal Arbitrary File Write Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6802 - Marvell QConvergeConsole Unrestricted File Upload Remote Code Execution Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6803 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6804 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6805 - Marvell QConvergeConsole Directory Traversal Vulnerability

Mon, 07 Jul 2025 15:15:00 GMT

CVE-2025-6209 - Run-llama Llama Index Path Traversal Vulnerability

Mon, 07 Jul 2025 13:15:00 GMT

CVE-2025-7128 - Campcodes Payroll Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 13:15:00 GMT

CVE-2025-7129 - Campcodes Payroll Management System SQL Injection

Mon, 07 Jul 2025 13:15:00 GMT

CVE-2025-7126 - iSourcecode Employee Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 12:15:00 GMT

CVE-2025-7127 - iSourcecode Employee Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 12:15:00 GMT

CVE-2025-7124 - Code-projects Online Note Sharing Unrestricted File Upload Vulnerability

Mon, 07 Jul 2025 11:15:00 GMT

CVE-2025-7125 - iSourcecode Employee Management System SQL Injection

Mon, 07 Jul 2025 11:15:00 GMT

CVE-2024-43334 - Gavias Halpes Cross-site Scripting (XSS)

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3044 - ArxivReader MD5 Hash Collision Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3046 - Obsidian Reader Symbolic Link File Read Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3225 - LLama Index XML Entity Expansion Denial of Service

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3262 - Apache Transformers ReDoS

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3263 - Hugging Face Transformers ReDoS Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3264 - Hugging Face Transformers Regular Expression Denial of Service (ReDoS)

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3466 - Langgenius Dify Arbitrary Code Execution Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3467 - Dify Firefox XSS Token Stealer

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3626 - Apache Device OS Command Injection

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3705 - FirmwareLoader OS Command Injection

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3777 - YouTube URL Validation Bypass in Hugging Face Transformers

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-4779 - Lunary Ai Lunary Stored Cross-Site Scripting (XSS)

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-5472 - Llama Index JSONReader Stack Overflow Denial of Service Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-6210 - ObsidianReader Hardlink-Based Path Traversal Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-6386 - Apache Parisneo Timing Attack in Lollms Authentication

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-7122 - Campcodes Complaint Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-7123 - Campcodes Complaint Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 10:15:00 GMT

CVE-2025-3920 - SUR-FBD CMMS Hard-Coded Credentials Disclosure

Mon, 07 Jul 2025 09:15:00 GMT

CVE-2025-7120 - Campcodes Complaint Management System SQL Injection

Mon, 07 Jul 2025 09:15:00 GMT

CVE-2025-7121 - Campcodes Complaint Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 09:15:00 GMT

CVE-2025-7118 - UTT HiPER 840G Buffer Overflow Vulnerability

Mon, 07 Jul 2025 08:15:00 GMT

CVE-2025-7119 - Campcodes Complaint Management System SQL Injection Vulnerability

Mon, 07 Jul 2025 08:15:00 GMT

CVE-2025-41672 - Citrix NetScaler JWT Token Default Certificate Vulnerability

Mon, 07 Jul 2025 07:15:00 GMT

CVE-2025-7116 - UTT 进取 Wireless Config Buffer Overflow Vulnerability

Mon, 07 Jul 2025 07:15:00 GMT

CVE-2025-7117 - UTT HiPER 840G Buffer Overflow Vulnerability

Mon, 07 Jul 2025 07:15:00 GMT

CVE-2025-7114 - SimStudioAI Session Handler Missing Authentication Vulnerability

Mon, 07 Jul 2025 06:15:00 GMT

CVE-2025-7115 - Rowboatlabs Rowboat Remote Authentication Bypass Vulnerability

Mon, 07 Jul 2025 06:15:00 GMT

CVE-2025-24508 - VMware IT Management Agent Credentials Exposure

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-48501 - Nimesa Backup and Recovery Command Injection Vulnerability

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-53473 - Nimesa Backup and Recovery SSRF Vulnerability

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-7111 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Course Module

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-7112 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-7113 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 05:15:00 GMT

CVE-2025-7110 - Portabilis i-Educar Cross-Site Scripting Vulnerability

Mon, 07 Jul 2025 04:15:00 GMT

CVE-2025-53183 - Adobe PDF Preview Module Null Pointer Dereference

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53184 - AcroPDF Null Pointer Dereference

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53185 - Apache Memory Corruption Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53186 - ZTE Audio Framework Unverified Broadcast Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-7107 - SimStudioAI Sim Path Traversal Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-7108 - Risesoft Y9 Digital-Infrastructure Remote Path Traversal Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-7109 - Portabilis i-Educar Cross-Site Scripting (XSS) Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-7145 - ThreatSonar Anti-Ransomware OS Command Injection Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53178 - Harman International Calendar Storage Module Permission Bypass Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53179 - Adobe PDF Preview Module Null Pointer Dereference Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53180 - Adobe PDF Null Pointer Dereference Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53181 - Adobe PDF Preview Module Null Pointer Dereference Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53182 - Adobe PDF Preview Module Null Pointer Dereference

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53173 - Apache Tika Image Parsing Stack Overflow Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53174 - Adobe Illustrator Stack Overflow Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53175 - Adobe Illustrator Stack Overflow Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53176 - Adobe Illustrator Heap-Based Buffer Overflow

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53177 - Fossil Calendar Storage Module Permission Bypass Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2024-58117 - Apache PDFBox Image Parsing Stack-Based Buffer Overflow Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53167 - Apache Distributed Collaboration Framework Authentication Bypass

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53168 - Hikvision Distributed Camera Process Bypass Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53169 - Hikvision Distributed Camera Peer Device Start-Up Bypass Vulnerability (Authentication Bypass)

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53170 - Apache Exit Cause Module Null Pointer Dereference Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53171 - Adobe Illustrator Stack Overflow Vulnerability

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-53172 - Adobe Illustrator Out-of-Bounds Write

Mon, 07 Jul 2025 03:15:00 GMT

CVE-2025-7100 - BoyunCMS Unrestricted File Upload Vulnerability

Mon, 07 Jul 2025 01:15:00 GMT

CVE-2025-7101 - BoyunCMS Configuration File Handler Remote Code Injection Vulnerability

Mon, 07 Jul 2025 01:15:00 GMT

CVE-2025-7102 - BoyunCMS SQL Injection Vulnerability

Mon, 07 Jul 2025 01:15:00 GMT

CVE-2025-7099 - BoyunCMS PHP Deserialization Vulnerability in Installation Handler

Mon, 07 Jul 2025 00:15:00 GMT

Data leak at Union Nationale du Sport Scolaire

Mon Jul 07 2025 02:00:00 GMT+0200 (Central European Summer Time)

CVE-2025-3108 - LLama Index JsonPickleSerializer Python Pickle Deserialization RCE

Sun, 06 Jul 2025 23:15:00 GMT

CVE-2025-7097 - Comodo Internet Security Premium OS Command Injection Vulnerability

Sun, 06 Jul 2025 23:15:00 GMT

CVE-2025-7098 - Comodo Internet Security Premium Path Traversal Vulnerability

Sun, 06 Jul 2025 23:15:00 GMT

CVE-2025-7095 - Comodo Internet Security Premium Certificate Validation Vulnerability

Sun, 06 Jul 2025 22:15:00 GMT

CVE-2025-7096 - Comodo Internet Security Premium Manifest File Handler XML Integrity Check Validation Vulnerability

Sun, 06 Jul 2025 22:15:00 GMT

CVE-2025-7093 - Belkin F9K1122 Remote Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 21:15:00 GMT

CVE-2025-7094 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 21:15:00 GMT

CVE-2025-7091 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 20:15:00 GMT

CVE-2025-7092 - Belkin F9K1122 Web WPS Enrolee Pin Stack Buffer Overflow

Sun, 06 Jul 2025 20:15:00 GMT

CVE-2025-7089 - Belkin F9K1122 Web Component Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 19:15:00 GMT

CVE-2025-7090 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 19:15:00 GMT

CVE-2025-7087 - Belkin F9K1122 Web L2TPSetup Stack-Based Buffer Overflow

Sun, 06 Jul 2025 18:15:00 GMT

CVE-2025-7088 - Belkin Webs Stack-Based Buffer Overflow

Sun, 06 Jul 2025 18:15:00 GMT

CVE-2025-7085 - Belkin F9K1122 Remote Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 17:15:00 GMT

CVE-2025-7086 - Belkin F9K1122 Web PPTPSetup Stack-Based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 17:15:00 GMT

CVE-2025-7083 - Belkin Webs mp Command Injection Vulnerability

Sun, 06 Jul 2025 16:15:00 GMT

CVE-2025-7084 - Belkin F9K1122 Web-based Buffer Overflow Vulnerability

Sun, 06 Jul 2025 16:15:00 GMT

CVE-2025-5333 - Apache RCE

Sun, 06 Jul 2025 14:15:00 GMT

CVE-2025-7080 - Done-0 Jank JWT Token Handler Hardcoded Password Vulnerability

Sun, 06 Jul 2025 14:15:00 GMT

CVE-2025-7081 - Belkin F9K1122 WebOS Command Injection Vulnerability

Sun, 06 Jul 2025 14:15:00 GMT

CVE-2025-7082 - Belkin Webs OS Command Injection Vulnerability

Sun, 06 Jul 2025 14:15:00 GMT

CVE-2025-7079 - Mao888 Bluebell-Plus Hard-Coded Password JWT Token Handler Vulnerability

Sun, 06 Jul 2025 13:15:00 GMT

CVE-2025-38235 - Linux HID Backlight Reference Leak

Sun, 06 Jul 2025 10:15:00 GMT

CVE-2025-7078 - 07FlyCMS Cross-Site Request Forgery Vulnerability

Sun, 06 Jul 2025 09:15:00 GMT

CVE-2025-7077 - Shenzhen Libituo Technology LBT-T300-T310 Buffer Overflow Vulnerability

Sun, 06 Jul 2025 07:15:00 GMT

CVE-2025-27446 - Apache APISIX(java-plugin-runner) Local Privilege Escalation

Sun, 06 Jul 2025 06:15:00 GMT

CVE-2025-7076 - BlackVue Dashcam 590X Configuration Handler Local File Inclusion Vulnerability

Sun, 06 Jul 2025 01:15:00 GMT

CVE-2025-7075 - BlackVue Dashcam 590X HTTP Endpoint Unrestricted File Upload Vulnerability

Sun, 06 Jul 2025 00:15:00 GMT

CVE-2025-5316 - Apache Log4j Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-6022 - Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-3896 - CVE-2018-3639: Cisco IOS XE Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-4694 - Apache HTTP Server Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-4950 - CVE-2018-3639: Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-5104 - CVE-2022-1234: Adobe Flash Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-3283 - Apache Struts Deserialization Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-3524 - CVE-2022-36363: Apache Struts Command Injection

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-3094 - CVE-2019-16278: Adobe Flash Player Unvalidated Input

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-3156 - CVE-2022-1234: Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-2856 - Cisco WebEx Vulnerability - Remote Code Execution

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-2904 - Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-2504 - Apache HTTP Server Cross Site Scripting

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-2718 - CVE-2018-3627: Adobe Flash Player Cross-Site Scripting

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1737 - Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1772 - CVE-2021-22222: Apache Struts Deserialization RCE

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1990 - Apache Struts Remote Code Execution

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-2422 - CVE-2021-12345: Apache Struts Deserialization Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1631 - CVE-2019-0708: Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1573 - Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1569 - Cisco WebEx Meeting Center Cross-Site Scripting

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1317 - Apache HTTP Server Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1318 - CVE-2022-1234: Cisco WebEx Meeting Center Unvalidated Redirect

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1234 - CVE-2021-4034: Apache HTTP Server HTTP Request Smuggling

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-1297 - CVE-2021-34567: Apache Struts Remote Code Execution Vulnerability

Sat, 05 Jul 2025 23:15:00 GMT

CVE-2025-7074 - Vercel Hyper Regular Expression Complexity

Sat, 05 Jul 2025 09:15:00 GMT

CVE-2023-50786 - Dradis HTTP Image Reference Vulnerability (Arbitrary Code Execution)

Sat, 05 Jul 2025 04:15:00 GMT

CVE-2025-47227 - Netmake ScriptCase Authentication Bypass

Sat, 05 Jul 2025 03:15:00 GMT

CVE-2025-47228 - Shell Injection Vulnerability in Netmake ScriptCase Production Environment Extension

Sat, 05 Jul 2025 03:15:00 GMT

CVE-2024-58254 - Rustls TLS ClientHello Panic

Sat, 05 Jul 2025 02:15:00 GMT

CVE-2025-53603 - Alinto SOPE SOGo NULL Pointer Dereference

Sat, 05 Jul 2025 01:15:00 GMT

CVE-2025-53604 - Apache Web-Push Denial of Service

Sat, 05 Jul 2025 01:15:00 GMT

CVE-2025-53605 - Google Protobuf Rust Crate Uncontrolled Recursion Vulnerability

Sat, 05 Jul 2025 01:15:00 GMT

CVE-2025-26850 - Quest KACE Systems Management Appliance Local Privilege Escalation

Sat, 05 Jul 2025 00:15:00 GMT

CVE-2025-43711 - Tunnelblick Privilege Escalation Vulnerability

Sat, 05 Jul 2025 00:15:00 GMT

CVE-2025-48952 - NetAlertX SHA-256 Magic Hash Login Bypass Vulnerability

Fri, 04 Jul 2025 23:15:00 GMT

CVE-2025-53365 - Apache MCP Python SDK Denial of Service

Fri, 04 Jul 2025 22:15:00 GMT

CVE-2025-53366 - Apache MCP Model Context Protocol Denial of Service

Fri, 04 Jul 2025 22:15:00 GMT

CVE-2025-7070 - IROAD Dashcam Q9 Local Network Resource Allocation Vulnerability

Fri, 04 Jul 2025 22:15:00 GMT

CVE-2025-53602 - Zipkin Spring Boot Actuator Heapdump Information Disclosure

Fri, 04 Jul 2025 21:15:00 GMT

CVE-2025-7068 - HDF5 Memory Leak Vulnerability

Fri, 04 Jul 2025 21:15:00 GMT

CVE-2025-7069 - HDF5 Heap-Based Buffer Overflow Vulnerability

Fri, 04 Jul 2025 21:15:00 GMT

CVE-2025-53483 - Mediawiki SecurePoll CSRF

Fri, 04 Jul 2025 18:15:00 GMT

CVE-2025-53484 - Mediawiki SecurePoll Stored Cross-Site Scripting

Fri, 04 Jul 2025 18:15:00 GMT

CVE-2025-53485 - Mediawiki SecurePoll Election Admin Authentication Bypass

Fri, 04 Jul 2025 18:15:00 GMT

CVE-2025-7067 - HDF5 Heap-Based Buffer Overflow

Fri, 04 Jul 2025 18:15:00 GMT

CVE-2025-53481 - WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

Fri, 04 Jul 2025 16:15:00 GMT

CVE-2025-53482 - Wikimedia Foundation Mediawiki - IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

Fri, 04 Jul 2025 16:15:00 GMT

CVE-2025-52496 - Mbed TLS AESNI Detection Race Condition

Fri, 04 Jul 2025 15:15:00 GMT

CVE-2025-52497 - Mbed TLS PEM Parsing Heap Buffer Underflow Vulnerability

Fri, 04 Jul 2025 15:15:00 GMT

CVE-2025-49601 - MbedTLS LMS Public Key Buffer Out-of-Bounds Read

Fri, 04 Jul 2025 15:15:00 GMT

CVE-2025-49600 - MbedTLS LMS Signature Forgery Vulnerability

Fri, 04 Jul 2025 15:15:00 GMT

CVE-2025-38233 - Linux kernel Powerpc64 Ftrace Livepatching R15 Clobbered Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38234 - Linux Kernel Sched/rt: Push Rt Task Race Vulnerability

kernel BUG at kernel/sched/rt.c:1616! BUG_ON(idx >= MAX_RT_PRIO)
-> BUG: kernel NULL pointer dereference, address: 00000000000000c0
-> BUG: unable to handle page fault for address: ffff9464daea5900
kernel BUG at kernel/sched/rt.c:1861! BUG_ON(rq->cpu != task_cpu(p))
-> kernel BUG at kernel/sched/rt.c:1055! BUG_ON(!rq->nr_running)
-> BUG: unable to handle page fault for address: ffff8cf3608bc2c0
---truncated---

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-46733 - OP-TEE Secure Storage API Panic Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38228 - Imagination Media Linux Kernel Memory Leak

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38229 - DVB-USB cxusb Uninitialized Variable Write

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38230 - Linux JFS Shift Out of Bounds Vulnerability

= 0.
- agwidth: 1 to min(LPERCTL/MAXAG, 2^(L2LPERCTL - 2*agheight)) ensures agperlev >= 1.
  - Ranges: 1-8 (agheight 0-3), 1-4 (agheight 4), 1 (agheight 5).
  - LPERCTL/MAXAG = 1024/128 = 8 limits leaves per AG; 2^(10 - 2*agheight) prevents division to 0.
- agstart: 0 to CTLTREESIZE-1 - agwidth*(MAXAG-1) keeps ti within stree (size 1365).
  - Ranges: 0-1237 (agwidth 1), 0-348 (agwidth 8).

UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:1400:9
shift exponent -335544310 is negative

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38231 - Linux Kernel NFSd NULL Pointer Dereference Vulnerability

nfsd4_ssc_expire_umount. If nfsd_ssc isn't initialized, this can cause NULL pointer dereference. Normally the delayed start of laundromat_work allows sufficient time for nfsd_ssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4_state_start_net -> nfsd4_end_grace -> nfsd4_record_grace_done -> nfsd4_cld_grace_done -> cld_pipe_upcall -> __cld_pipe_upcall -> wait_for_completion path), the delayed work may start before nfsd_ssc initialization finishes. Fix this by moving nfsd_ssc initialization before starting laundromat_work.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38232 - Linux NFSd Race Condition Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38224 - Kvaser PCIEFD Linux Kernel Slab Out-of-Bounds Write

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38225 - Imx-Jpeg Linux Kernel NULL Pointer Dereference

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38226 - Linux Kernel V4L2 TPG Out-of-Bounds Write Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38227 - Linux Vidtv Slab Use-After-Free Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38221 - Linux Kernel ext4 Out-of-Bounds Punch Offset Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38222 - Linux ext4 Inline Data Overflow

EXT4_I(inode)->i_inline_size); at ext4_write_inline_data. Fix it by using a loff_t type for the len parameter in ext4_prepare_inline_data instead of an unsigned int.

[ 44.545530] kernel BUG at fs/ext4/inline.c:240!
---truncated---

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38223 - Ceph: Kernel BUG on encrypted inode with unaligned file size

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38217 - Linux Kernel hwmon ftsteutates Time-of-Check to Time-of-Use (TOCTOU) Race Condition

fan_source[channel] twice without holding any locks. It is first checked against FTS_FAN_SOURCE_INVALID, and if the check passes, it is read again when used as an argument to the BIT() macro. This creates a Time-of-Check to Time-of-Use (TOCTOU) race condition.

Another thread executing fts_update_device() can modify the value of data->fan_source[channel] between the check and its use. If the value is changed to FTS_FAN_SOURCE_INVALID (0xff) during this window, the BIT() macro will be called with a large shift value (BIT(255)). A bit shift by a value greater than or equal to the type width is undefined behavior and can lead to a crash or incorrect values being returned to userspace.

Fix this by reading data->fan_source[channel] into a local variable once, eliminating the race condition. Additionally, add a bounds check to ensure the value is less than BITS_PER_LONG before passing it to the BIT() macro, making the code more robust against undefined behavior.

This possible bug was found by an experimental static analysis tool developed by our team.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38218 - QEMU F2FS Linux Kernel Sit Bitmap Size Out-of-Bounds Write Vulnerability

bitmap_size is 192, so the size of the sit bitmap is 192*8=1536; at maximum there are 1536 sit blocks. However, MAIN_SEGS is 261893, so sit_blk_cnt is 4762, and build_sit_entries() -> current_sit_addr() tries to access out of bounds in sit_bitmap at offsets in [1536, 4762). Once sit_bitmap and sit_bitmap_mirror are not the same, it will trigger f2fs_bug_on(). Let's add a sanity check in f2fs_sanity_check_ckpt() to avoid the panic.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38219 - Linux F2FS Negative Inode Link Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38220 - Linux Kernel ext4 NULL Pointer Dereference Vulnerability

folio_mark_dirty(). The latter calls mapping->a_ops->dirty_folio(), but symlink inodes are not assigned an a_ops vector in ext4, hence the crash. To avoid this problem, update the ext4_dirty_journalled_data() helper to only mark the folio dirty on regular files (for which a_ops is assigned). This also matches the journaling logic in the ext4_symlink() creation path, where ext4_handle_dirty_metadata() is called directly.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38215 - Linux Kernel fbdev Null-Pointer Dereference Vulnerability

var.

general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]

Even though fbcon_init() checks beforehand if fb_match_mode() in var_to_display() fails, it can not prevent the panic because fbcon_init() does not return error code. Considering this and the comment in the code about fb_match_mode() returning NULL - "This should not happen" - it is better to prevent registering the fb_info if its mode was not set successfully. Also move fb_add_videomode() closer to the beginning of do_register_framebuffer() to avoid having to do the cleanup on fail.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Severity: 0.0 | NA

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38216 - Apple IOMMU VT-d Device Aliasing Vulnerability

Fri, 04 Jul 2025 14:15:00 GMT

CVE-2025-38177 - Linux Kernel - Sch_hfsc Idempotent Vulnerability

cl_nactive, so we can check whether it is non-zero before calling it.
2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.

Severity: 0.0 | NA

Fri, 04 Jul 2025 13:15:00 GMT

CVE-2025-48172 - SumatraPDF CHMLib Heap-Based Buffer Overflow

Fri, 04 Jul 2025 13:15:00 GMT

CVE-2025-49809 - MTR Sudo Execution Hijacking Vulnerability

Fri, 04 Jul 2025 13:15:00 GMT

CVE-2025-7061 - Intelbras InControl CSV Injection Vulnerability

Fri, 04 Jul 2025 13:15:00 GMT

CVE-2025-49866 - Nikel Beautiful Cookie Consent Banner Cross-site Scripting

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-49867 - InspiryThemes RealHomes Privilege Escalation Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-49870 - Cozmoslabs Paid Member Subscriptions SQL Injection

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-4414 - CMSMasters Content Composer Remote File Inclusion Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-50032 - Paytiko for WooCommerce Missing Authorization Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-50039 - VG WORT METIS Missing Authorization Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52718 - Bearsthemes Alone Code Injection Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52776 - Thanhtungtnt Video List Manager Cross-site Scripting

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52796 - WordPress WP-Recall Cross-site Scripting

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52798 - Eyecix JobSearch Cross-site Scripting

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52805 - Leyka Path Traversal PHP Local File Inclusion Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52807 - ApusWP Kossy PHP Remote File Inclusion Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52813 - MobiLoud Missing Authorization Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52828 - Designthemes Red Art Java Deserialization Object Injection Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52830 - bSecure Universal Checkout SQL Injection

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52831 - Thanhtungtnt Video List Manager SQL Injection

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52832 - "WPO-HR NGG Smart Image Search SQL Injection"

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-52833 - Designthemes LMS SQL Injection

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-6056 - Ergon Informatik AG Airlock IAM Information Disclosure

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-6740 - Contact Form 7 Stored Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-7066 - Jirafeau MIME Type Bypass Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 12:15:00 GMT

CVE-2025-38174 - "Thunderbolt: Double Dequeue Vulnerability"

request_queue (the list poison dereference hints at it: 0xdead000000000122). Do not dequeue requests that don't have TB_CFG_REQUEST_ACTIVE bit set.

Severity: 0.0 | NA

Fri, 04 Jul 2025 11:15:00 GMT

CVE-2025-38175 - Linux Kernel Binder UAF Vulnerability

Fri, 04 Jul 2025 11:15:00 GMT

CVE-2025-38176 - Linux Binder Use-After-Free Vulnerability

Fri, 04 Jul 2025 11:15:00 GMT

CVE-2025-7060 - Monitorr Remote File Inclusion Vulnerability

Fri, 04 Jul 2025 11:15:00 GMT

CVE-2025-5920 - WordPress Password Protected Posts Information Disclosure

Fri, 04 Jul 2025 10:15:00 GMT

CVE-2025-27358 - mndpsingh287 Frontend File Manager Basic XSS Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28951 - CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28957 - OwnerRez Cross-Site Scripting

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28963 - "URL Shortener Server-Side Request Forgery"

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28967 - Steve Truman Contact People LITE SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28969 - Cybio Gallery Widget SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-28971 - CWD Web Designer Easy Elements Hider Cross-site Scripting Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-29001 - ZoomIt WooCommerce Shop Page Builder Missing Authorization Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-29007 - LMSACE Connect Missing Authorization Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-29012 - Kamleshyadav CF7 Mailchimp Add-on Authorization Bypass

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30929 - Amazon Web Services (AWS) fluXtore Authorization Bypass

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30943 - Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30947 - Gopiplus Cool Fade Popup SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30969 - Gopiplus iFrame Images Gallery SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30979 - Gopiplus Pixelating image slideshow gallery SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-30983 - Gopiplus Card Flip Image Slideshow Cross-Site Scripting (XSS)

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-53566 - Osama.esh WP Visitor Statistics Cross-site Scripting

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-53568 - Tony Zeoli Radio Station CSRF Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-53569 - Trust Payments Gateway for WooCommerce CSRF Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-5351 - LibSSH Double Free Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-24748 - LambertGroup All In One Slider Responsive SQL Injection

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-24757 - Long Watch Studio MyRewards Cross-site Scripting

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-24764 - A Jones Simply Guest Author Name Cross-site Scripting (XSS)

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-26591 - Noor Alam WP Fancybox Cross-site Scripting Vulnerability

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2025-27326 - bPlugins Video Gallery Block Stored Cross-site Scripting

Fri, 04 Jul 2025 09:15:00 GMT

CVE-2024-11937 - Elementor Premium Addons Stored Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 08:15:00 GMT

CVE-2025-32918 - Checkmk Livestatus Command Injection Vulnerability

Fri, 04 Jul 2025 08:15:00 GMT

CVE-2025-53599 - Whale Browser iOS Script Execution Vulnerability

Fri, 04 Jul 2025 08:15:00 GMT

CVE-2025-53600 - Whale Browser Same-Origin Policy Bypass

Fri, 04 Jul 2025 08:15:00 GMT

CVE-2025-6673 - WordPress Easy Restaurant Menu Manager Stored Cross-Site Scripting

Fri, 04 Jul 2025 08:15:00 GMT

CVE-2025-5372 - OpenSSL SSH Key Derivation Buffer Initialization Vulnerability

Fri, 04 Jul 2025 06:15:00 GMT

CVE-2025-6944 - Uncode Core WordPress Stored Cross-Site Scripting

Fri, 04 Jul 2025 06:15:00 GMT

CVE-2025-5567 - WordPress Shortcodes Ultimate Stored Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-5924 - "WordPress Firebase Push Notification CSRF"

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-5933 - WordPress RD Contacto CSRF Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-5953 - WordPress WP Human Resource Management Privilege Escalation

set_role() without verifying that the current user is allowed to assign that role. This makes it possible for authenticated attackers, with Employee-level access and above, to elevate their privileges to administrator.

Severity: 8.8 | HIGH

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-5956 - WP Human Resource Management Plugin Arbitrary User Deletion Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6039 - WordPress ProcessingJS Stored Cross-Site Scripting

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6041 - WordPress yContributors CSRF

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6238 - WordPress AI Engine Plugin Open Redirect Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6586 - WordPress Download Plugin Remote Code Execution (RCE) Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6729 - WordPress PayMaster for WooCommerce SSRF Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6739 - WordPress WPQuiz SQL Injection Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6782 - GoZen Forms WordPress SQL Injection Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6783 - WordPress GoZen Forms SQL Injection

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6786 - DocCheck Login for WordPress Information Disclosure

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6787 - WordPress Smart Docs Stored Cross-Site Scripting

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-6814 - Booking X WordPress Unauthorized Data Access Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-7046 - Elementor Image Gallery PowerFolio WordPress Stored Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-7053 - Cockpit Cross-Site Scripting Vulnerability

Fri, 04 Jul 2025 03:15:00 GMT

CVE-2025-5322 - VikRentCar WordPress Car Rental Management System File Upload Vulnerability (Arbitrary File Upload)

Thu, 03 Jul 2025 22:15:00 GMT

CVE-2025-49005 - Next.js App Router/Cache Poisoning Vulnerability

Thu, 03 Jul 2025 21:15:00 GMT

CVE-2025-49826 - Next.js Cache Poisoning DoS Vulnerability

Thu, 03 Jul 2025 21:15:00 GMT

CVE-2025-53367 - DjVuLibre Out-of-Bounds Write and Read Vulnerability

Thu, 03 Jul 2025 21:15:00 GMT

CVE-2025-53370 - Citizen MediaWiki Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-53368 - Citizen MediaWiki XSS Injection Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-53369 - MediaWiki Short Description Cross-Site Scripting

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34061 - PHPStudy Unauthenticated Remote Code Execution Backdoor

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34082 - IGEL OS Command Injection Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34086 - Bolt CMS Remote Code Execution Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34087 - Pi-hole Command Injection Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34088 - Pandora FMS Remote Code Execution Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-34089 - Aexol Studio Remote for Mac Remote Code Execution Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-52554 - n8n Unauthorized Execution Stop Vulnerability

Thu, 03 Jul 2025 20:15:00 GMT

CVE-2025-23968 - WPCenter AiBud WP Unrestricted File Upload RCE

Thu, 03 Jul 2025 19:15:00 GMT

CVE-2025-45809 - BerriAI litellm SQL Injection Vulnerability

Thu, 03 Jul 2025 19:15:00 GMT

CVE-2025-53489 - Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-53500 - Wikimedia Foundation Mediawiki MassEditRegex Stored XSS

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-53501 - Wikimedia Foundation Mediawiki Scribunto Extension Access Control Bypass

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-53502 - WikiMedia Mediawiki FeaturedFeeds Extension Cross-Site Scripting (XSS) Vulnerability

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-6071 - ABB RMC-100 ABB RMC-100 LITE Hard-coded Cryptographic Key Information Disclosure

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-6072 - ABB RMC-100/100 LITE Stack-based Buffer Overflow

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-6073 - ABB RMC-100/LITE Stack-based Buffer Overflow

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-6074 - ABB RMC-100/100 LITE Hard-coded Cryptographic Key Authentication Bypass

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-6926 - Wikimedia Foundation Mediawiki CentralAuth Extension Authentication Bypass Vulnerability

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-49846 - Wire iOS Unauthenticated System Log Disclosure

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-48939 - Tarteaucitron.js Script Element Property Clobbering Vulnerability

Thu, 03 Jul 2025 17:15:00 GMT

CVE-2025-53490 - Wikimedia Foundation Mediawiki CampaignEvents Extension Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 16:15:00 GMT

CVE-2025-45938 - Akeles Out of Office Assistant for Jira XSS

Thu, 03 Jul 2025 15:15:00 GMT

Making remote identity verification more reliable with the European Digital Identity Wallet

Thu, 03 Jul 2025 14:34:00 GMT

CVE-2025-43713 - ASNA Assist and ASNA Registrar Deserialization Vulnerability

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-50258 - Tenda AC6 Buffer Overflow Vulnerability

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-50260 - Tenda AC6 Buffer Overflow Vulnerability

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-50262 - Tenda AC6 Buffer Overflow Vulnerability

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-50263 - Tenda AC6 Buffer Overflow

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-5961 - NGINX WordPress Plugin WPvivid Backup Migration Arbitrary File Upload Vulnerability

Thu, 03 Jul 2025 14:15:00 GMT

CVE-2025-3702 - Melapress File Monitor Missing Authorization Vulnerability

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-49032 - PublishPress Gutenberg Blocks Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-49595 - n8n Denial of Service (DoS) Vulnerability

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-49618 - "Plesk Obsidian AWS Credentials Disclosure"

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-2537 - WordPress ThickBox Stored Cross-Site Scripting

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-2932 - JKDEVKIT WordPress Arbitrary File Deletion Vulnerability

Thu, 03 Jul 2025 13:15:00 GMT

CVE-2025-27454 - Adobe ColdFusion CSRF

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27455 - Apache Clickjacking Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27456 - Cisco SMB Authentication Brute Force

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27457 - RealVNC Unencrypted Communication Information Disclosure

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27458 - VNC Password Derivation Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27459 - VNC Weak Password Storage

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27460 - Dell Device Physical Storage Unencrypted Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27461 - "HP Device EPC2 Passwordless Login Vulnerability"

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-2540 - WordPress PrettyPhoto Stored Cross-Site Scripting

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-40722 - Flatboard Pro Stored XSS

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-40723 - Flatboard Pro Stored Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-6563 - MikroTik RouterOS Cross-Site Scripting

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27447 - Apache Web Server Cross-Site Scripting Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27448 - Apache Dashboards Cross-Site Scripting (XSS)

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27449 - Apache MEAC300-FNADE4 Authentication Brute-Force Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27450 - MEAC300-FNADE4 Cookie Insecure Transmission Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27451 - Apache Struts Username Enumeration

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27452 - Apache MEAC300-FNADE4 Unsecured Module Configuration Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2025-27453 - Apache PHP HttpOnly Cookie Access Vulnerability

Thu, 03 Jul 2025 12:15:00 GMT

CVE-2024-5647 - WordPress Magnific Popups Stored Cross-Site Scripting Vulnerability

Thu, 03 Jul 2025 10:15:00 GMT

CVE-2025-0885 - OpenText GroupWise Unauthorized Calendar Access Vulnerability

Thu, 03 Jul 2025 10:15:00 GMT

CVE-2025-6587 - Docker Desktop Environment Variable Disclosure Vulnerability

Thu, 03 Jul 2025 10:15:00 GMT

CVE-2025-38151 - Linux Kernel RDMA cma: Work Queue Corruption Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38153 - Allegro USB Network AQC111 Uninitialized Memory Access Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38154 - Linux Kernel BPF Sockmap Use After Free Vulnerability

sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of sk_socket. All types of sockets (tcp/udp/unix/vsock) will be affected.

Race conditions:
'''
CPU0                               CPU1

backlog::skb_send_sock
  sendmsg_unlocked
    sock_sendmsg
      sock_sendmsg_nosec
                                   close(fd):
                                     ...
                                     ops->release() -> sock_map_close()
                                     sk_socket->ops = NULL
                                     free(socket)
      sock->ops->sendmsg
            ^
            panic here
'''

The ref of psock becomes 0 after sock_map_close() executed.
'''
void sock_map_close()
{
    ...
    if (likely(psock)) {
    ...
    // !! here we remove psock and the ref of psock becomes 0
    sock_map_remove_links(sk, psock)
    psock = sk_psock_get(sk);
    if (unlikely(!psock))
        goto no_psock; == Control jumps here via goto
        ...
        cancel_delayed_work_sync(&psock->work); == not executed
        sk_psock_put(sk, psock);
        ...
}
'''

Based on the fact that we already wait for the workqueue to finish in sock_map_close() if psock is held, we simply increase the psock reference count to avoid race conditions.

With this patch, if the backlog thread is running, sock_map_close() will wait for the backlog thread to complete and cancel all pending work.

If no backlog running, any pending work that hasn't started by then will fail when invoked by sk_psock_get(), as the psock reference count has been zeroed, and sk_psock_drop() will cancel all jobs via cancel_delayed_work_sync().

In summary, we require synchronization to coordinate the backlog thread and close() thread.

The panic I caught:
'''
Workqueue: events sk_psock_backlog
RIP: 0010:sock_sendmsg+0x21d/0x440
RAX: 0000000000000000 RBX: ffffc9000521fad8 RCX: 0000000000000001
...
Call Trace:
 ? die_addr+0x40/0xa0
 ? exc_general_protection+0x14c/0x230
 ? asm_exc_general_protection+0x26/0x30
 ? sock_sendmsg+0x21d/0x440
 ? sock_sendmsg+0x3e0/0x440
 ? __pfx_sock_sendmsg+0x10/0x10
 __skb_send_sock+0x543/0xb70
 sk_psock_backlog+0x247/0xb80
...
'''

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38155 - "Qualcomm Atheros mt76 Wireless Null Pointer Dereference Vulnerability"

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38156 - Marvell MT7996 Null Pointer Dereference Vulnerability (WiFi)

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38157 - "Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write"

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38158 - Hisi Acc VFio PCI DMA Address Error Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38159 - "RTW88 WiFi Out-of-Bounds Read"

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38160 - Raspberry Pi Linux Kernel NULL Pointer Dereference Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38161 - "IBM Mellanox mlx5 RDMA Use-After-Free Vulnerability"

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38162 - Linux Kernel Netfilter NFT Set Pipapo Integer Overflow Vulnerability

field_len[] maximum value is U8_MAX multiplied by NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case.
- NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case.
- sizeof(unsigned long), from sizeof(*f->lt), lt in struct nft_pipapo_field.

Then, use check_mul_overflow() to multiply by bucket size and then use check_add_overflow() to the alignment for avx2 (if needed). Finally, add lt_size_check_overflow() helper and use it to consolidate this.

While at it, replace leftover allocation using the GFP_KERNEL to GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38163 - "F2FS Sanity Check Denial of Service"

total_valid_block_count

syzbot reported a f2fs bug as below:

------------[ cut here ]------------
kernel BUG at fs/f2fs/f2fs.h:2521!
RIP: 0010:dec_valid_block_count+0x3b2/0x3c0 fs/f2fs/f2fs.h:2521
Call Trace:
 f2fs_truncate_data_blocks_range+0xc8c/0x11a0 fs/f2fs/file.c:695
 truncate_dnode+0x417/0x740 fs/f2fs/node.c:973
 truncate_nodes+0x3ec/0xf50 fs/f2fs/node.c:1014
 f2fs_truncate_inode_blocks+0x8e3/0x1370 fs/f2fs/node.c:1197
 f2fs_do_truncate_blocks+0x840/0x12b0 fs/f2fs/file.c:810
 f2fs_truncate_blocks+0x10d/0x300 fs/f2fs/file.c:838
 f2fs_truncate+0x417/0x720 fs/f2fs/file.c:888
 f2fs_setattr+0xc4f/0x12f0 fs/f2fs/file.c:1112
 notify_change+0xbca/0xe90 fs/attr.c:552
 do_truncate+0x222/0x310 fs/open.c:65
 handle_truncate fs/namei.c:3466 [inline]
 do_open fs/namei.c:3849 [inline]
 path_openat+0x2e4f/0x35d0 fs/namei.c:4004
 do_filp_open+0x284/0x4e0 fs/namei.c:4031
 do_sys_openat2+0x12b/0x1d0 fs/open.c:1429
 do_sys_open fs/open.c:1444 [inline]
 __do_sys_creat fs/open.c:1522 [inline]
 __se_sys_creat fs/open.c:1516 [inline]
 __x64_sys_creat+0x124/0x170 fs/open.c:1516
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94

The reason is: in fuzzed image, sbi->total_valid_block_count is inconsistent w/ mapped blocks indexed by inode, so, we should not trigger panic for such case, instead, let's print log and set fsck flag.

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38164 - VirtualBox F2FS Inconsistent Segment Type

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38165 - Linux BPF Sockmap Panic Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38166 - Linux Kernel BPF ktls Panic Vulnerability

sg may increase, e.g., when the BPF program executes bpf_msg_push_data(). If the BPF program sets cork_bytes and sg.size is smaller than cork_bytes, it will return -ENOSPC and attempt to roll back to the non-zero copy logic. However, during rollback, msg->msg_iter is reset, but since msg_pl->sg.size has been increased, subsequent executions will exceed the actual size of msg_iter.
'''
iov_iter_revert(&msg->msg_iter, msg_pl->sg.size - orig_size);
'''

The changes in this commit are based on the following considerations:

1. When cork_bytes is set, rolling back to non-zero copy logic is pointless and can directly go to zero-copy logic.

2. We can not calculate the correct number of bytes to revert msg_iter. Assume the original data is "abcdefgh" (8 bytes), and after 3 pushes by the BPF program, it becomes 11-byte data: "abc?de?fgh?". Then, we set cork_bytes to 6, which means the first 6 bytes have been processed, and the remaining 5 bytes "?fgh?" will be cached until the length meets the cork_bytes requirement. However, some data in "?fgh?" is not within 'sg->msg_iter' (but in msg_pl instead), especially the data "?" we pushed. So it doesn't seem as simple as just reverting through an offset of msg_iter.

3. For non-TLS sockets in tcp_bpf_sendmsg, when a "cork" situation occurs, the user-space send() doesn't return an error, and the returned length is the same as the input length parameter, even if some data is cached. Additionally, I saw that the current non-zero-copy logic for handling corking is written as:
'''
line 1177
else if (ret != -EAGAIN) {
	if (ret == -ENOSPC)
		ret = 0;
	goto send_end;
'''

So it's ok to just return 'copied' without error when a "cork" situation occurs.

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38167 - "NTFS3 Linux Kernel Null Pointer Dereference Vulnerability"

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38168 - "ARM-NI Linux Kernel Perf PMU Unregister Vulnerability"

prev should be prev (fffffd01e9698a18), but was 0000000000000000. (next=ffff10001a0decc8).
pstate: 6340009 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : list_add_valid_or_report+0x7c/0xb8
lr : list_add_valid_or_report+0x7c/0xb8
Call trace:
 __list_add_valid_or_report+0x7c/0xb8
 perf_pmu_register+0x22c/0x3a0
 arm_ni_probe+0x554/0x70c [arm_ni]
 platform_probe+0x70/0xe8
 really_probe+0xc6/0x4d8
 driver_probe_device+0x48/0x170
 __driver_attach+0x8e/0x1c0
 bus_for_each_dev+0x64/0xf0
 driver_add+0x138/0x260
 bus_add_driver+0x68/0x138
 __platform_driver_register+0x2c/0x40
 arm_ni_init+0x14/0x2a [arm_ni]
 do_init_module+0x36/0x298
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Oops - BUG: Fatal exception
SMP: stopping secondary CPUs

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38169 - Linux Kernel ARM64 FPSIMD State Clobbering Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38170 - Linux kernel - arm64 FPSIMD SME Trap Handling Stale CPU State Vulnerability

fpsimd_cpu is 0.
|     // per_cpu_ptr(&fpsimd_last_state, 0) is task.
|
|     ...
|
|     // Preempted; migrated from CPU 0 to CPU 1.
|     // TIF_FOREIGN_FPSTATE is set.
|
|     get_cpu_fpsimd_context();
|
|     /* With TIF_SME userspace shouldn't generate any traps */
|     if (test_and_set_thread_flag(TIF_SME))
|         WARN_ON(1);
|
|     if (!test_thread_flag(TIF_FOREIGN_FPSTATE)) {
|         unsigned long vq_minus_one =
|             sve_vq_from_vl(task_get_sme_vl(current)) - 1;
|         sme_set_vq(vq_minus_one);
|
|         fpsimd_bind_task_to_cpu();
|     }
|
|     put_cpu_fpsimd_context();
|
|     // Preempted; migrated from CPU 1 to CPU 0.
|     // task->fpsimd_cpu is still 0
|     // If per_cpu_ptr(&fpsimd_last_state, 0) is still task then:
|     // - Stale HW state is reused (with SME traps enabled)
|     // - TIF_FOREIGN_FPSTATE is cleared
|     // - A return to userspace skips HW state restore
| }

Fix the case where the state is not live and TIF_FOREIGN_FPSTATE is set by calling fpsimd_flush_task_state() to detach from the saved CPU state. This ensures that a subsequent context switch will not reuse the stale CPU state, and will instead set TIF_FOREIGN_FPSTATE, forcing the new state to be reloaded from memory prior to a return to userspace.

Note: this was originally posted as [1].

[ Rutland: rewrite commit message ]

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38171 - Linux Power Supply Driver Max77705 Workqueue Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38172 - "Linux EROFS UAF Vulnerability"

dif0 is not inited yet,
// return -ENOTBLK
deactivate_locked_super
  free(sbi)
if (err is -ENOTBLK)
  sbi->dif0.file = filp_open() // sbi UAF

So if -ENOTBLK is hit in `erofs_init_device`, it means the primary device must be a block device, and the extra device is not a block device. The error can be converted to -EINVAL.

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38173 - Marvell CESA Zero-Length SKCipher Request Buffer Overflow

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38148 - Linux Kernel net: phy: mscc Memory Leak

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38149 - Linux Kernel Net Phydev Devlink Crash Vulnerability

devlink when the link is deleted

There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() to remove the device link, but it does not clear phydev->devlink, so phydev->devlink is not a NULL pointer. Then the network port is re-enabled, but if phy_attach_direct() fails before calling device_link_add(), the code jumps to the "error" label and calls phy_detach(). Since phydev->devlink retains the old value from the previous attach/detach cycle, device_link_del() uses the old value, which accesses a NULL pointer and causes a crash.

The simplified crash log is as follows.

[ 24.702421] Call trace:
[ 24.704856] device_link_put_kref+0x20/0x120
[ 24.709124] device_link_del+0x30/0x48
[ 24.712864] phy_detach+0x24/0x168
[ 24.716261] phy_attach_direct+0x168/0x3a4
[ 24.720352] phylink_fwnode_phy_connect+0xc8/0x14c
[ 24.725140] phylink_of_phy_connect+0x1c/0x34

Therefore, phydev->devlink needs to be cleared when the device link is deleted.

Severity: 0.0 | NA

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2025-38150 - Linux Kernel af_packet Packet Dev Mc Vulnerability

Thu, 03 Jul 2025 09:15:00 GMT

CVE-2024-9017 - PeepSo Core: Groups Stored Cross-Site Scripting Vulnerability

Thu, 03 Jul 2025 07:15:00 GMT

CVE-2025-5944 - Elementor Element Pack Addons Stored Cross-Site Scripting

Thu, 03 Jul 2025 05:15:00 GMT

CVE-2025-34074 - Lucee Remote Code Execution Vulnerability in Scheduled Task Functionality

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34075 - Vagrant Virtual Machine Escape via Ruby Code Injection

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34076 - Microweber CMS Local File Inclusion Vulnerability

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34078 - NSClient++ Privilege Escalation (Local)

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34079 - NSClient++ Remote Code Execution Vulnerability

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34090 - "Google Chrome AppBound Cookie Encryption Bypass"

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34091 - Google Chrome AppBound Encryption Padding Oracle

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-34092 - Google Chrome AppBound Cookie Encryption Bypass

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-43025 - HP Universal Print Driver Buffer Overflow Denial of Service

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-52559 - Zulip Server Cross-Site Scripting (XSS) Vulnerability

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-52842 - Laundry Cross-site Scripting (XSS)

Wed, 02 Jul 2025 20:15:00 GMT

CVE-2025-45813 - ENENSYS IPGuard Authentication Bypass

Wed, 02 Jul 2025 18:15:00 GMT

CVE-2025-49713 - Microsoft Edge (Chromium-based) Type Confusion Code Execution Vulnerability

Wed, 02 Jul 2025 18:15:00 GMT

CVE-2025-20307 - Cisco BroadWorks Application Delivery Platform Cross-Site Scripting (XSS) Vulnerability

Wed, 02 Jul 2025 17:15:00 GMT

CVE-2025-20309 - Cisco Unified Communications Manager/Cisco Unified Communications Manager Session Management Edition Root Account Default Credential Vulnerability

Wed, 02 Jul 2025 17:15:00 GMT

CVE-2025-45424 - Xinference Unauthenticated Web GUI Access Vulnerability

Wed, 02 Jul 2025 17:15:00 GMT

CVE-2025-45814 - NS3000/NS2000 Authentication Bypass

Wed, 02 Jul 2025 17:15:00 GMT

CVE-2025-52841 - Laundry CSRF Account Takeover

Wed, 02 Jul 2025 17:15:00 GMT

CVE-2025-52886 - Poppler PDF Rendering Library Use-After-Free Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-53358 - Kotaemon Local File Inclusion Directory Traversal Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-53359 - Ethereum Crate Signature Malleability Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-6942 - Secret Server Impersonation Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-6943 - Thycotic Secret Server SQL Injection Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-20310 - Cisco Enterprise Chat and Email (ECE) Stored Cross-Site Scripting Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-20308 - Cisco Spaces Connector Privilege Escalation Vulnerability

Wed, 02 Jul 2025 16:15:00 GMT

CVE-2025-38092 - Linux Kernel ksmbd Null Pointer Dereference Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-38093 - Qualcomm ARM64 GPU Temperature Control Vulnerability (Thermal Overload)

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-52891 - ModSecurity XML Tag Segmentation Fault Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53006 - DataEase PostgreSQL/Redshift SSL Factory Parameter Injection Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53108 - HomeBox Unauthenticated Attachment Manipulation Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53109 - Filesystem Symlink File Access Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53110 - Filesystem Model Context Protocol Servers Directory Traversal Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53492 - Wikimedia Foundation Mediawiki - MintyDocs Extension Stored Cross-site Scripting (XSS)

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53493 - Wikimedia Foundation Mediawiki - MintyDocs Extension Stored Cross-site Scripting (XSS)

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53494 - Wikimedia Foundation Mediawiki TwoColConflict Extension Stored XSS

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-6725 - Adobe Acrobat PdfViewer XSS Vulnerability

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-38091 - AMD Display DRM False Positive Warning

Wed, 02 Jul 2025 15:15:00 GMT

CVE-2025-53106 - Graylog API Token Privilege Escalation Vulnerability

Configuration > Users > "Allow users to create personal access tokens". Severity: 0.0 | NA

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34071 - Kerio Control Remote Code Execution Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34072 - Anthropic Slack MCP Server Data Exfiltration Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34073 - Maltrail Command Injection Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-45029 - Winstar WN572HP3 Heap Overflow

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-49588 - Linkwarden File Path Injection Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-27026 - Infinera G42 WebGUI CLI Deactivation Privilege Escalation Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34057 - Ruijie NBR Series Router Information Disclosure Vulnerability

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34067 - Hikvision Integrated Security Management Platform Fastjson Remote Command Execution

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34069 - Kerio Control Authentication Bypass through Insecure Proxy Configuration

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2025-34070 - GFI Kerio Control GFIAgent Authentication Bypass

Wed, 02 Jul 2025 14:15:00 GMT

CVE-2024-35164 - Apache Guacamole SSH Console Code Execution Vulnerability

Wed, 02 Jul 2025 12:15:00 GMT

CVE-2025-46647 - Apache APISIX OpenID-Connect Plugin Issuer Key Reuse Vulnerability

Wed, 02 Jul 2025 12:15:00 GMT

CVE-2025-39362 - Mollie Payments for WooCommerce Missing Authorization

Wed, 02 Jul 2025 11:15:00 GMT

CVE-2025-27023 - Infinera G42 WebGUI CLI File Disclosure Vulnerability

Wed, 02 Jul 2025 10:15:00 GMT

CVE-2025-27024 - Infinera G42 SFTP Unrestricted File System Access

Wed, 02 Jul 2025 10:15:00 GMT

CVE-2025-27025 - Apache HTTP Server Directory Traversal File Read/Write Vulnerability

Wed, 02 Jul 2025 10:15:00 GMT

CVE-2025-2330 - Elementor WidgetKit WordPress Stored Cross-Site Scripting

Wed, 02 Jul 2025 10:15:00 GMT

CVE-2025-4946 - Vikinger WordPress Theme Arbitrary File Deletion Vulnerability

Wed, 02 Jul 2025 10:15:00 GMT

CVE-2025-24332 - Nokia Single RAN AirScale Baseband SSH Privilege Escalation

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24333 - Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24334 - Nokia Single RAN Baseband Software Information Disclosure Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24335 - Nokia Single RAN SOAP Message Input Validation Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-27021 - Infinera G42 Sudoers Configuration Memory Access Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-27022 - Infinera G42 WebGUI HTTP Endpoint Path Traversal Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24329 - Nokia Single RAN Baseband SOAP Path Traversal Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24330 - Nokia Single RAN Baseband SOAP Path Traversal Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24331 - Nokia Single RAN Root Privilege Escalation Vulnerability

Wed, 02 Jul 2025 09:15:00 GMT

CVE-2025-24328 - Nokia Single RAN SOAP Stack Overflow

Wed, 02 Jul 2025 08:15:00 GMT

CVE-2024-13786 - WordPress Education Theme PHP Object Injection Vulnerability

Wed, 02 Jul 2025 07:15:00 GMT

CVE-2025-6017 - Red Hat Advanced Cluster Management Information Disclosure Vulnerability

Wed, 02 Jul 2025 07:15:00 GMT

CVE-2024-13451 - Bit Form Contact Form Sensitive Information Exposure

Wed, 02 Jul 2025 06:15:00 GMT

CVE-2025-6464 - Forminator Forms Unauthenticated PHP Object Injection Vulnerability

Wed, 02 Jul 2025 06:15:00 GMT

CVE-2025-52462 - Active! mail XSS

Wed, 02 Jul 2025 05:15:00 GMT

CVE-2025-52463 - Active! Mail CSRF Email Sending

Wed, 02 Jul 2025 05:15:00 GMT

CVE-2025-6463 - Forminator Forms - WordPress Remote Code Execution via File Deletion

Wed, 02 Jul 2025 05:15:00 GMT

CVE-2025-6686 - Elementor Magic Buttons Stored Cross-Site Scripting Vulnerability

Wed, 02 Jul 2025 04:16:00 GMT

CVE-2025-6687 - Elementor Magic Buttons Stored Cross-Site Scripting Vulnerability

Wed, 02 Jul 2025 04:16:00 GMT

CVE-2025-6459 - Ads Pro Plugin - WordPress Cross-Site Request Forgery (CSRF) Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-5014 - The Home Villas | Real Estate WordPress Theme File Deletion Vulnerability (Arbitrary File Deletion)

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-5339 - Adobe Ads Pro Plugin SQL Injection Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-5746 - WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-5817 - Amazon Products to WooCommerce SSRF Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-6437 - WordPress Ads Pro Plugin SQL Injection Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2024-11405 - WordPress WP Front-end login and register Reflected Cross-Site Scripting

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-3848 - WordPress SmartPay Plugin Privilege Escalation Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-4380 - Adobe Ads Pro Plugin Local File Inclusion Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-4381 - WordPress Ads Pro Plugin SQL Injection Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-4654 - WordPress Soumettre.fr Unauthorized Access and Data Modification Vulnerability

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-4689 - Ads Pro Plugin - WordPress Remote Code Execution via Local File Inclusion and SQL Injection

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-52925 - One Identity OneLogin Active Directory Connector Cryptographic Weakness

Wed, 02 Jul 2025 04:15:00 GMT

CVE-2025-5692 - WordPress Lead Form Data Collection to CRM Plugin Privilege Escalation Vulnerability

Wed, 02 Jul 2025 03:15:00 GMT

CVE-2025-36630 - Nessus Windows Local Privilege Escalation Vulnerability

Wed, 02 Jul 2025 00:15:00 GMT

CVE-2025-36582 - Dell NetWorker SSL/TLS Algorithm Downgrade Information Disclosure

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-37097 - HPE Insight Remote Support Denial of Service

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-45872 - zrlog SSRF

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-49029 - Bitto Kazi Custom Login And Signup Widget Code Injection Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-6920 - ai-inference-server API Key Validation Bypass Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-6953 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-6954 - Campcodes Employee Management System SQL Injection Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-6955 - Campcodes Employee Management System SQL Injection Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-6956 - Campcodes Employee Management System SQL Injection Vulnerability

Tue, 01 Jul 2025 14:15:00 GMT

CVE-2025-49480 - Huawei LTE Telephony Out-of-Bounds Access Vulnerability

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-49481 - Falcon_Linux, Kestrel, Lapwing_Linux Router Resource Leak Exposure

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-49482 - Juniper Networks Tr069 Module Resource Leak Exposure

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-49483 - Falcon Linux, Kestrel, and Lapwing Linux ASR180x, ASR190x TR069 Resource Leak Exposure

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-5314 - Dear Flipbook WordPress DOM-Based Reflected Cross-Site Scripting Vulnerability

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-6951 - SAFECAM X300 FTP Service Default Credentials Vulnerability

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-6952 - Open5GS AMF Service Local Assertion Vulnerability

Tue, 01 Jul 2025 12:15:00 GMT

CVE-2025-49488 - Falcon_Linux, Kestrel, Lapwing_Linux Router Resource Leak Exposure

Tue, 01 Jul 2025 11:15:00 GMT

CVE-2025-49491 - ASR Falcon_Linux, Kestrel, Lapwing_Linux Traffic Stat Resource Leak Exposure

Tue, 01 Jul 2025 11:15:00 GMT

CVE-2025-49492 - Falcon_Linux, Kestrel, Lapwing_Linux LTE-Telephony Out-of-Bounds Write Buffer Underrun

Tue, 01 Jul 2025 11:15:00 GMT

CVE-2025-6224 - Juju Certificate Private Key Exposure

Tue, 01 Jul 2025 11:15:00 GMT

CVE-2025-49489 - ASR Falcon_Linux, Kestrel, Lapwing_Linux Resource Leak Exposure

Tue, 01 Jul 2025 10:15:00 GMT

CVE-2025-49490 - Falcon_Linux Kestrel Lapwing_Linux Router Resource Leak Exposure

Tue, 01 Jul 2025 10:15:00 GMT

CVE-2025-6756 - Ultra Addons for Contact Form 7 Stored Cross-Site Scripting Vulnerability

Tue, 01 Jul 2025 10:15:00 GMT

CVE-2025-5072 - Falcon_Linux, Kestrel, Lapwing_Linux ASR180x, ASR190x Resource Leak Exposure

Tue, 01 Jul 2025 09:15:00 GMT

Discover "Cyber en Clair", the new awareness campaign from Cybermalveillance.gouv.fr aimed at young people

Tue, 01 Jul 2025 09:00:00 GMT

CVE-2025-41656 - Node_RED Remote Command Execution (RCE)

Tue, 01 Jul 2025 08:15:00 GMT

CVE-2025-41648 - IndustrialPI Authentication Bypass Vulnerability

Tue, 01 Jul 2025 08:15:00 GMT

CVE-2025-6934 - Opal Estate Pro - WordPress Property Management Plugin Privilege Escalation Vulnerability

Tue, 01 Jul 2025 07:15:00 GMT

CVE-2025-5967 - ENS HX Stored Cross-Site Scripting Vulnerability

Tue, 01 Jul 2025 04:15:00 GMT

CVE-2025-6081 - Konica Minolta bizhub LDAP Credential Exposure Vulnerability

Tue, 01 Jul 2025 04:15:00 GMT

CVE-2024-46993 - Electron Heap Buffer Overflow

Tue, 01 Jul 2025 03:15:00 GMT

CVE-2024-49364 - Tiny-SECP256k1 Buffer Package Private Key Extraction Vulnerability

Tue, 01 Jul 2025 03:15:00 GMT

CVE-2024-49365 - Tiny-SECP256K1 JSON-Stringifyable Message Verification Bypass Vulnerability

Tue, 01 Jul 2025 03:15:00 GMT

CVE-2025-6939 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow

Tue, 01 Jul 2025 03:15:00 GMT

CVE-2025-6940 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability

Tue, 01 Jul 2025 03:15:00 GMT

CVE-2024-46992 - Electron ASAR Integrity Bypass on Windows

Tue, 01 Jul 2025 02:15:00 GMT

CVE-2025-53003 - Janssen Project IAM Unverified Scope Information Disclosure

Tue, 01 Jul 2025 02:15:00 GMT

CVE-2025-53095 - Sunshine/Moonlight CSRF to RCE

Tue, 01 Jul 2025 02:15:00 GMT

CVE-2025-53096 - Moonlight Sunshine Clickjacking Vulnerability

Tue, 01 Jul 2025 02:15:00 GMT

CVE-2025-6938 - Code-projects Simple Pizza Ordering System SQL Injection Vulnerability

Tue, 01 Jul 2025 02:15:00 GMT

CVE-2025-53005 - DataEase PostgreSQL Data Source JDBC Connection Factory Argument Injection Vulnerability

Tue, 01 Jul 2025 01:15:00 GMT

CVE-2025-6937 - Code-projects Simple Pizza Ordering System SQL Injection Vulnerability

Tue, 01 Jul 2025 01:15:00 GMT

CVE-2025-2141 - IBM System Storage Virtualization Engine Cross-Site Scripting Vulnerability

Tue, 01 Jul 2025 01:15:00 GMT

CVE-2025-36056 - IBM System Storage Virtualization Engine TS7700 Cross-Site Scripting Vulnerability

Tue, 01 Jul 2025 01:15:00 GMT

CVE-2025-6935 - Campcodes Sales and Inventory System SQL Injection

Tue, 01 Jul 2025 00:15:00 GMT

CVE-2025-6936 - Simple Pizza Ordering System SQL Injection

Tue, 01 Jul 2025 00:15:00 GMT

CVE-2025-6931 - D-Link DCS-6517 DCS-7517 Insufficient Entropy in Root Password Generation Handler

Mon, 30 Jun 2025 23:15:00 GMT

CVE-2025-6932 - D-Link DCS-7517 Hard-Coded Password Vulnerability

Mon, 30 Jun 2025 23:15:00 GMT

CVE-2025-6930 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 22:15:00 GMT

CVE-2025-6554 - Google Chrome V8 Type Confusion Vulnerability

Mon, 30 Jun 2025 22:15:00 GMT

CVE-2025-49521 - Ansible Ansible Automation Platform Code Injection Vulnerability

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-53004 - DataEase SSL Factory Bypass Vulnerability

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-6929 - PHPGurukul Zoo Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-32463 - Sudo Local Command Injection Vulnerability

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-49520 - Ansible Automation Platform EDA Git URL Injection Remote Command Execution Vulnerability

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-32462 - Sudo Privilege Escalation

Mon, 30 Jun 2025 21:15:00 GMT

CVE-2025-52901 - Apache File Browser JWT Session Leak Vulnerability

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-52995 - File Browser Privilege Escalation Vulnerability

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-52996 - Apache File Browser Unprotected File Sharing Vulnerability

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-52997 - Apache File Browser Authentication Brute-Force Vulnerability

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-49493 - Akamai CloudTest XXE Injection Vulnerability

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-52491 - Akamai CloudTest SSRF

Mon, 30 Jun 2025 20:15:00 GMT

CVE-2025-36593 - Dell OpenManage Network Integration RADIUS Authentication Bypass

Mon, 30 Jun 2025 19:15:00 GMT

CVE-2025-52898 - Frappe Password Reset Token Access Vulnerability

Mon, 30 Jun 2025 18:15:00 GMT

CVE-2025-6917 - Code-projects Online Hotel Booking SQL Injection Vulnerability

Mon, 30 Jun 2025 18:15:00 GMT

CVE-2025-6925 - Dromara RuoYi-Vue-Plus Path Traversal Vulnerability

Mon, 30 Jun 2025 18:15:00 GMT

CVE-2025-52896 - Frappe Cross-Site Scripting (XSS) via Data Import Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-6915 - PHPGurukul Student Record System SQL Injection Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-6916 - TOTOLINK T6 Local Network Authentication Bypass

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-26074 - Orkes Conductor Java Deserialization Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-45143 - Apache String-Math Regex Denial of Service

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-45931 - D-Link DIR-816-A2 Remote Code Execution Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-46702 - Mattermost Channel Member Management Privilege Escalation Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-47871 - Mattermost Information Disclosure Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2025-52895 - Frappe SQL Injection Vulnerability

Mon, 30 Jun 2025 17:15:00 GMT

CVE-2024-12915 - Devinim Software Library Cross-site Scripting (XSS)

Mon, 30 Jun 2025 16:15:00 GMT

CVE-2025-53001 - Apache HTTP Server Remote Code Execution

Mon, 30 Jun 2025 16:15:00 GMT

CVE-2025-53017 - Apache Struts Remote Code Execution

Mon, 30 Jun 2025 16:15:00 GMT

CVE-2025-6913 - PHPGurukul Student Record System SQL Injection Vulnerability

Mon, 30 Jun 2025 16:15:00 GMT

CVE-2025-6914 - PHPGurukul Student Record System SQL Injection

Mon, 30 Jun 2025 16:15:00 GMT

CVE-2025-6912 - PHPGurukul Student Record System SQL Injection Vulnerability

Mon, 30 Jun 2025 15:15:00 GMT

CVE-2023-47310 - MikroTik RouterOS IPv6 UDP Traceroute Information Disclosure

Mon, 30 Jun 2025 15:15:00 GMT

CVE-2024-53621 - Tenda AC1206 Buffer Overflow Vulnerability

Mon, 30 Jun 2025 15:15:00 GMT

CVE-2025-2895 - IBM Cloud Pak System HTML Injection Vulnerability

Mon, 30 Jun 2025 15:15:00 GMT

CVE-2025-6911 - PHPGurukul Student Record System SQL Injection Vulnerability

Mon, 30 Jun 2025 15:15:00 GMT

CVE-2025-6909 - PHPGurukul Old Age Home Management System SQL Injection

Mon, 30 Jun 2025 14:15:00 GMT

CVE-2025-6910 - PHPGurukul Student Record System SQL Injection Vulnerability

Mon, 30 Jun 2025 14:15:00 GMT

CVE-2025-6908 - PHPGurukul Old Age Home Management System SQL Injection

Mon, 30 Jun 2025 13:15:00 GMT

CVE-2025-6906 - Car Rental System SQL Injection Vulnerability

Mon, 30 Jun 2025 13:15:00 GMT

CVE-2025-6907 - Code-projects Car Rental System SQL Injection Vulnerability

Mon, 30 Jun 2025 13:15:00 GMT

CVE-2025-6905 - Car Rental System SQL Injection Vulnerability

Mon, 30 Jun 2025 12:15:00 GMT

CVE-2025-4407 - ABB Lite Panel Pro Session Expiration Vulnerability

Mon, 30 Jun 2025 12:15:00 GMT

CVE-2025-40710 - Hotspot Shield VPN Host Header Injection Vulnerability

Mon, 30 Jun 2025 11:15:00 GMT

CVE-2025-6903 - Code-projects Car Rental System SQL Injection Vulnerability

Mon, 30 Jun 2025 11:15:00 GMT

CVE-2025-6904 - Car Rental System SQL Injection Vulnerability

Mon, 30 Jun 2025 11:15:00 GMT

Individuals: what are the most frequent malicious cyber activities in 2024?

Mon, 30 Jun 2025 10:22:00 GMT

CVE-2024-8419 - Apache Unauthenticated Remote Fail-Safe State Vulnerability

Mon, 30 Jun 2025 10:15:00 GMT

CVE-2025-41439 - RICOH Streamline NX Reflected Cross-Site Scripting Vulnerability

Mon, 30 Jun 2025 10:15:00 GMT

CVE-2025-53416 - CVE-2022-22954 Apache HTTP Server Remote Code Execution

Mon, 30 Jun 2025 10:15:00 GMT

CVE-2025-6901 - Code-projects Inventory Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 10:15:00 GMT

CVE-2025-6902 - Code-projects Inventory Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 10:15:00 GMT

CVE-2025-40733 - Daily Expense Manager Reflected XSS

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-40734 - Daily Expense Manager Cross-Site Scripting (XSS)

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-53415 - Delta Electronics DTM Soft Project File Parsing Remote Code Execution Vulnerability

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-6899 - D-Link DI-7300G+/DI-8200G Os Command Injection Vulnerability

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-6900 - Code-projects Library System Unrestricted File Upload Vulnerability

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-40731 - Daily Expense Manager SQL Injection

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-40732 - Daily Expense Manager Username Disclosure Vulnerability

Mon, 30 Jun 2025 09:15:00 GMT

CVE-2025-38090 - Linux Kernel Rapidio Heap Overwrite Vulnerability

cm_chan_msg_send() -> riocm_ch_send()

cm_chan_msg_send() checks that userspace didn't send too much data but riocm_ch_send() failed to check that userspace sent sufficient data. The result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr which were outside the bounds of the space which cm_chan_msg_send() allocated. Address this by teaching riocm_ch_send() to check that the entire rio_ch_chan_hdr was copied in from userspace.

Severity: 0.0 | NA

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-6897 - D-Link DI-7300G+ HTTPD Debug ASP OS Command Injection Vulnerability

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-6898 - D-Link DI-7300G+ Os Command Injection Vulnerability

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-38088 - IBM Power Systems Out-of-Bounds Read Vulnerability

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-38089 - SunRPC Authentication Error Handling Remote Crash Vulnerability

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-38087 - Linux Kernel Taprio Use-After-Free Vulnerability

Mon, 30 Jun 2025 08:15:00 GMT

CVE-2025-6891 - Code-projects Inventory Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 07:15:00 GMT

CVE-2025-6896 - D-Link DI-7300G+ Os Command Injection Vulnerability

Mon, 30 Jun 2025 07:15:00 GMT

CVE-2025-3745 - WordPress Lightbox 2 Cross-Site Scripting Vulnerability

Mon, 30 Jun 2025 06:15:00 GMT

CVE-2025-5730 - WordPress Contact Form Plugin Stored Cross-Site Scripting Vulnerability

Mon, 30 Jun 2025 06:15:00 GMT

CVE-2025-6889 - Movie Ticketing System SQL Injection

Mon, 30 Jun 2025 06:15:00 GMT

CVE-2025-6890 - Code-projects Movie Ticketing System SQL Injection Vulnerability

Mon, 30 Jun 2025 06:15:00 GMT

CVE-2025-6888 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 05:15:00 GMT

CVE-2025-6886 - Tenda AC5 Stack-Based Buffer Overflow Vulnerability

Mon, 30 Jun 2025 05:15:00 GMT

CVE-2025-6887 - Tenda AC5 Stack-Based Buffer Overflow Vulnerability

Mon, 30 Jun 2025 05:15:00 GMT

CVE-2025-6885 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 04:15:00 GMT

CVE-2025-53074 - Samsung Open Source rLottie Out-of-bounds Read Overflow

Mon, 30 Jun 2025 03:15:00 GMT

CVE-2025-53076 - Samsung Open Source rLottie Overread Buffer Vulnerability

Mon, 30 Jun 2025 03:15:00 GMT

CVE-2025-6882 - D-Link DIR-513 Buffer Overflow Vulnerability

Mon, 30 Jun 2025 03:15:00 GMT

CVE-2025-6883 - Code-Projects Staff Audit System SQL Injection

Mon, 30 Jun 2025 03:15:00 GMT

CVE-2025-6884 - Apache Code-projects Staff Audit System SQL Injection Vulnerability

Mon, 30 Jun 2025 03:15:00 GMT

CVE-2025-0634 - Samsung rLottie After Free Remote Code Inclusion Vulnerability

Mon, 30 Jun 2025 02:15:00 GMT

CVE-2025-46014 - Honor PC Manager Named Pipe Privilege Escalation Vulnerability

Mon, 30 Jun 2025 02:15:00 GMT

CVE-2025-53075 - Samsung Open Source rLottie Path Traversal Vulnerability

Mon, 30 Jun 2025 02:15:00 GMT

CVE-2025-6881 - D-Link jhttpd PPPoE Buffer Overflow Vulnerability

Mon, 30 Jun 2025 02:15:00 GMT

CVE-2025-6878 - SourceCodester Best Salon Management System SQL Injection

Mon, 30 Jun 2025 01:15:00 GMT

CVE-2025-6879 - SourceCodester Best Salon Management System SQL Injection

Mon, 30 Jun 2025 01:15:00 GMT

CVE-2025-6880 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 01:15:00 GMT

CVE-2025-6877 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Mon, 30 Jun 2025 00:15:00 GMT

CVE-2025-6875 - SourceCodester Best Salon Management System SQL Injection

Sun, 29 Jun 2025 23:15:00 GMT

CVE-2025-6876 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 23:15:00 GMT

CVE-2025-6873 - SourceCodester Simple Company Website File Upload Vulnerability

Sun, 29 Jun 2025 22:15:00 GMT

CVE-2025-6874 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 22:15:00 GMT

CVE-2015-20112 - Fortinet SSL/TLS CTR Stream Collision Vulnerability

Sun, 29 Jun 2025 21:15:00 GMT

CVE-2025-6871 - SourceCodester Simple Company Website SQL Injection

Sun, 29 Jun 2025 21:15:00 GMT

CVE-2025-6872 - SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Sun, 29 Jun 2025 21:15:00 GMT

CVE-2025-6870 - SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Sun, 29 Jun 2025 20:15:00 GMT

CVE-2025-24290 - UISP Authenticated SQL Injection Privilege Escalation

Sun, 29 Jun 2025 20:15:00 GMT

CVE-2025-24292 - Ubiquiti UniFi Network MAC Address Authentication Bypass Vulnerability

Sun, 29 Jun 2025 20:15:00 GMT

CVE-2025-6869 - SourceCodester Simple Company Website SQL Injection Vulnerability

Sun, 29 Jun 2025 20:15:00 GMT

CVE-2025-24289 - UCRM Client Signup Plugin CSRF-XSS Vulnerability

Sun, 29 Jun 2025 20:15:00 GMT

CVE-2025-6867 - SourceCodester Simple Company Website SQL Injection Vulnerability

Sun, 29 Jun 2025 19:15:00 GMT

CVE-2025-6868 - SourceCodester Simple Company Website SQL Injection Vulnerability

Sun, 29 Jun 2025 19:15:00 GMT

CVE-2025-6866 - Simple Forum PathTraversal

Sun, 29 Jun 2025 18:15:00 GMT

CVE-2025-6865 - DaiCuo Cross-Site Request Forgery (CSRF) Vulnerability

Sun, 29 Jun 2025 17:15:00 GMT

CVE-2025-6864 - SeaCMS Cross-Site Request Forgery Vulnerability

Sun, 29 Jun 2025 16:15:00 GMT

CVE-2025-6862 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 15:15:00 GMT

CVE-2025-6863 - PHPGurukul Local Services Search Engine Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 15:15:00 GMT

CVE-2025-6861 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 14:15:00 GMT

CVE-2025-6859 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 13:15:00 GMT

CVE-2025-6860 - SourceCodester Best Salon Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 13:15:00 GMT

CVE-2024-24915 - Check Point SmartConsole Unsecured Credentials

Sun, 29 Jun 2025 12:15:00 GMT

CVE-2025-5878 - ESAPI SQL Injection Defense Encoder Encoder.encodeForSQL Improper Neutralization

Sun, 29 Jun 2025 12:15:00 GMT

CVE-2025-6858 - HDF5 Null Pointer Dereference Vulnerability

Sun, 29 Jun 2025 11:15:00 GMT

CVE-2025-6856 - HDF5 Use After Free Vulnerability

Sun, 29 Jun 2025 10:15:00 GMT

CVE-2025-6857 - HDF5 Stack-Based Buffer Overflow Vulnerability

Sun, 29 Jun 2025 10:15:00 GMT

CVE-2025-6854 - Chatchat-space Langchain-Chatchat Path Traversal Vulnerability

Sun, 29 Jun 2025 09:15:00 GMT

CVE-2025-6855 - Chatchat-Langchain Chatchat Path Traversal Vulnerability

Sun, 29 Jun 2025 09:15:00 GMT

CVE-2025-6853 - Chatchat Space Langchain-Chatchat Path Traversal Vulnerability

Sun, 29 Jun 2025 08:15:00 GMT

CVE-2025-6849 - Simple Forum Cross-Site Scripting (XSS) Vulnerability

Sun, 29 Jun 2025 07:15:00 GMT

CVE-2025-6850 - Simple Forum SQL Injection Vulnerability

Sun, 29 Jun 2025 07:15:00 GMT

CVE-2025-6847 - Code-projects Simple Forum SQL Injection

Sun, 29 Jun 2025 06:15:00 GMT

CVE-2025-6848 - Simple Forum Unrestricted File Upload Vulnerability

Sun, 29 Jun 2025 06:15:00 GMT

CVE-2025-6462 - WordPress EZ SQL Reports Stored Cross-Site Scripting Vulnerability

Sun, 29 Jun 2025 05:15:00 GMT

CVE-2025-6845 - Simple Forum SQL Injection Vulnerability

Sun, 29 Jun 2025 05:15:00 GMT

CVE-2025-6846 - Code-Projects Simple Forum SQL Injection Vulnerability

Sun, 29 Jun 2025 05:15:00 GMT

CVE-2025-6843 - Code-projects Simple Photo Gallery Unrestricted File Upload Vulnerability

Sun, 29 Jun 2025 04:15:00 GMT

CVE-2025-6844 - Simple Forum SQL Injection Vulnerability

Sun, 29 Jun 2025 04:15:00 GMT

CVE-2025-6842 - Code-projects Product Inventory System SQL Injection Vulnerability

Sun, 29 Jun 2025 04:15:00 GMT

CVE-2025-6841 - Code-projects Product Inventory System SQL Injection Vulnerability

Sun, 29 Jun 2025 03:15:00 GMT

CVE-2025-6840 - Code-projects Product Inventory System SQL Injection Vulnerability

Sun, 29 Jun 2025 03:15:00 GMT

CVE-2025-6839 - Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

Sun, 29 Jun 2025 02:15:00 GMT

CVE-2025-6837 - Code-projects Library System Unrestricted File Upload Vulnerability

Sun, 29 Jun 2025 01:15:00 GMT

CVE-2025-6836 - Code-projects Library System SQL Injection Vulnerability

Sun, 29 Jun 2025 01:15:00 GMT

CVE-2025-6834 - Apache Code-Projects Inventory Management System SQL Injection Vulnerability

Sun, 29 Jun 2025 00:15:00 GMT

CVE-2025-6835 - Code-projects Library System SQL Injection Vulnerability

Sun, 29 Jun 2025 00:15:00 GMT

CVE-2025-6828 - Code-Projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 23:15:00 GMT

CVE-2025-6829 - AluoXiang Oa System External Address Book Handler SQL Injection Vulnerability

Sat, 28 Jun 2025 23:15:00 GMT

CVE-2025-5951 - CVE-2022-1234: Apache HTTP Server Unauthenticated Remote Code Execution

Sat, 28 Jun 2025 23:15:00 GMT

CVE-2025-53392 - pfSense File Traversal Vulnerability

Sat, 28 Jun 2025 23:15:00 GMT

CVE-2025-53393 - Akka Cluster Metrics Java Serialization Deserialization Vulnerability

Sat, 28 Jun 2025 23:15:00 GMT

CVE-2025-53391 - Debian ZuluPolkit PolicyKit Privilege Escalation

Sat, 28 Jun 2025 22:15:00 GMT

CVE-2025-6827 - Code-Projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 22:15:00 GMT

CVE-2025-6826 - Payroll Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 21:15:00 GMT

CVE-2025-6825 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability

Sat, 28 Jun 2025 21:15:00 GMT

CVE-2025-6824 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow

Sat, 28 Jun 2025 20:15:00 GMT

CVE-2025-6823 - Code-projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 20:15:00 GMT

CVE-2025-6822 - Code-projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 19:15:00 GMT

CVE-2025-32897 - Apache Seata (incubating) Untrusted Data Deserialization Vulnerability

Sat, 28 Jun 2025 19:15:00 GMT

CVE-2025-6820 - Code-projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 18:15:00 GMT

CVE-2025-6821 - Code-projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 18:15:00 GMT

CVE-2025-6819 - Code-projects Inventory Management System SQL Injection Vulnerability

Sat, 28 Jun 2025 17:15:00 GMT

CVE-2023-29113 - Volkswagen Skoda MIB3 Privilege Escalation Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2025-6818 - HDF5 Heap-Based Buffer Overflow Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28911 - Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28912 - Skoda MIB3 In-vehicle Contact Data Disclosure

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28910 - Skoda MIB3 Bluetooth Stack Assertion Bypass Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28908 - Volkswagen MIB3 Bluetooth Integer Overflow Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28909 - Skoda MIB3 Bluetooth Integer Overflow Remote Code Execution Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28902 - Skoda MIB3 Infotainment Unit Integer Underflow Denial-of-Service Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28903 - MIB3 Infotainment Unit Integer Overflow Denial-of-Service

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28904 - MIB3 Infotainment Unit Bootloader Boot Process Code Execution Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28905 - Skoda MIB3 Infotainment Unit Heap Buffer Overflow

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28906 - Skoda MIB3 Infotainment Command Injection Vulnerability

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2023-28907 - Skoda Superb III MIB3 CAN Bus CPU Core Isolation Bypass

Sat, 28 Jun 2025 16:15:00 GMT

CVE-2025-1991 - IBM Informix Dynamic Server Denial of Service Buffer Overflow

Sat, 28 Jun 2025 13:15:00 GMT

CVE-2025-6817 - HDF5 Resource Consumption Denial of Service

Sat, 28 Jun 2025 12:15:00 GMT

CVE-2025-6816 - HDF5 Heap-Based Buffer Overflow Vulnerability

Sat, 28 Jun 2025 08:15:00 GMT

CVE-2025-38086 - NetChip Ch9200 Uninitialized Memory Access Vulnerability

mdio_read which is ch9200_mdio_read(). ch9200_mdio_read() utilises a local buffer called "buff", which is initialised with control_read(). However "buff" is conditionally initialised inside control_read():

if (err == size) { memcpy(data, buf, size); }

If the condition of "err == size" is not met, then "buff" remains uninitialised. Once this happens the uninitialised "buff" is accessed and returned during ch9200_mdio_read():

return (buff[0] | buff[1] << 8);

The problem stems from the fact that ch9200_mdio_read() ignores the return value of control_read(), leading to uinit-access of "buff". To fix this we should check the return value of control_read() and return early on error.

Severity: 0.0 | NA

Sat, 28 Jun 2025 08:15:00 GMT

CVE-2025-5937 - WordPress MicroPayments Fans Paysite CSRF Vulnerability

Sat, 28 Jun 2025 08:15:00 GMT

CVE-2025-38084 - Linux Kernel Hugetlb Racy Protection Vulnerability

may_split(). This happens before the VMA lock and rmap locks are taken - which is too early, it allows racing VMA-locked page faults in our process and racing rmap walks from other processes to cause page tables to be shared again before we actually perform the split.

Fix it by explicitly calling into the hugetlb unshare logic from __split_vma() in the same place where THP splitting also happens. At that point, both the VMA and the rmap(s) are write-locked.

An annoying detail is that we can now call into the helper hugetlb_unshare_pmds() from two different locking contexts:

1. from hugetlb_split(), holding:
   - mmap lock (exclusively)
   - VMA lock
   - file rmap lock (exclusively)
2. hugetlb_unshare_all_pmds(), which I think is designed to be able to call us with only the mmap lock held (in shared mode), but currently only runs while holding mmap lock (exclusively) and VMA lock

Backporting note: This commit fixes a racy protection that was introduced in commit b30c14cd6102 ("hugetlb: unshare some PMDs when splitting VMAs"); that commit claimed to fix an issue introduced in 5.13, but it should actually also go all the way back.

[jannh@google.com: v2]

Severity: 0.0 | NA

Sat, 28 Jun 2025 08:15:00 GMT

CVE-2025-38085 - Linux Kernel: Huge Page Table Unshare Race Condition Vulnerability

Sat, 28 Jun 2025 08:15:00 GMT

CVE-2025-5304 - PT Project Notebooks WordPress Privilege Escalation

Sat, 28 Jun 2025 06:15:00 GMT

CVE-2025-6755 - WordPress Game Users Share Buttons Plugin Remote Code Execution and File Deletion Vulnerability

Sat, 28 Jun 2025 06:15:00 GMT

CVE-2025-6252 - Qi Addons For Elementor Stored Cross-Site Scripting Vulnerability

Sat, 28 Jun 2025 05:15:00 GMT

CVE-2025-6381 - BeeTeam368 Extensions plugin for WordPress Directory Traversal Vulnerability

Sat, 28 Jun 2025 04:15:00 GMT

CVE-2025-6379 - BeeTeam368 Extensions Pro for WordPress Directory Traversal Vulnerability

Sat, 28 Jun 2025 04:15:00 GMT

CVE-2025-6350 - WordPress WP VR 360 Panorama Stored Cross-Site Scripting Vulnerability

Sat, 28 Jun 2025 04:15:00 GMT

CVE-2025-53380 - Apache Struts Deserialization Vulnerability

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53381 - Apache HTTP Server Unvalidated User Input

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53382 - Apache HTTP Server Cross-Site Request Forgery

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53383 - Apache HTTP Server Cross-Site Request Forgery

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53384 - Apache HTTP Server Information Disclosure

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53385 - Apache HTTP Server Cross-Site Request Forgery

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53386 - FTC's Online Payment Processing System Authentication Bypass

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53387 - Apache HTTP Server Remote Code Execution

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2025-53388 - Apache HTTP Server SQL Injection

Sat, 28 Jun 2025 03:15:00 GMT

CVE-2024-52900 - IBM Cognos Analytics Stored Cross-Site Scripting Vulnerability

Sat, 28 Jun 2025 01:15:00 GMT

CVE-2025-36026 - IBM Datacap Insecure Cookie Handling Vulnerability

Sat, 28 Jun 2025 01:15:00 GMT

CVE-2025-36027 - IBM Datacap Clickjacking Vulnerability

Sat, 28 Jun 2025 01:15:00 GMT

CVE-2024-39730 - IBM Datacap Navigator Click Hijacking Vulnerability

Sat, 28 Jun 2025 01:15:00 GMT

CVE-2024-36347 - AMD CPU ROM Microcode Signature Verification Bypass (Validation Bypass)

Fri, 27 Jun 2025 23:15:00 GMT

CVE-2025-53097 - Roo Code Schema Fetching File Read and Write Vulnerability

Fri, 27 Jun 2025 22:15:00 GMT

CVE-2025-53098 - Roo Code MCP Configuration Command Injection Vulnerability

Fri, 27 Jun 2025 22:15:00 GMT

CVE-2025-6777 - Food Distributor Site SQL Injection Vulnerability

Fri, 27 Jun 2025 21:15:00 GMT

CVE-2025-6778 - Food Distributor Site Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 21:15:00 GMT

CVE-2025-6776 - Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

Fri, 27 Jun 2025 20:15:00 GMT

CVE-2025-6774 - Gooaclok819 SublinkX Path Traversal Vulnerability

Fri, 27 Jun 2025 20:15:00 GMT

CVE-2025-6775 - Xiaoyunjie OpenVPN-CMS-Flask Command Injection Vulnerability

Fri, 27 Jun 2025 20:15:00 GMT

CVE-2025-53094 - ESPAsyncWebServer CRLF Injection Vulnerability

Fri, 27 Jun 2025 20:15:00 GMT

CVE-2025-6772 - Eosphoros-AI Db-GPT Path Traversal Vulnerability

Fri, 27 Jun 2025 19:15:00 GMT

CVE-2025-6773 - HKUDS LightRAG Path Traversal Vulnerability

Fri, 27 Jun 2025 19:15:00 GMT

CVE-2025-6522 - Sight Bulb Pro Root Shell Command Injection Vulnerability

Fri, 27 Jun 2025 18:15:00 GMT

CVE-2025-53093 - TabberNeue Cross-Site Scripting (XSS)

Fri, 27 Jun 2025 18:15:00 GMT

CVE-2025-5310 - Dover Fueling Solutions ProGauge MagLink LX Consoles Unauthenticated Remote Code Execution

Fri, 27 Jun 2025 18:15:00 GMT

CVE-2024-12364 - Mavi Yeşil Software Guest Tracking Software SQL Injection Vulnerability

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-44557 - Cypress PSoC4 BLE State Machine Transition Vulnerability

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-44559 - Realtek RTL8762E BLE DoS Vulnerability

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-46707 - VMware ESXi Firmware Privilege Escalation

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-46708 - VMware ESXi GPU Resource Hijacking

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-52207 - MikoPBX PHP File Upload Vulnerability

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-6521 - Sight Bulb Pro Cleartext AES Encryption Key Exfiltration

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2024-12143 - Mobilteg Mobile Informatics Mikro Hand Terminal SQL Injection

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2024-12150 - Eron Software Wowwo CRM SQL Injection

Fri, 27 Jun 2025 17:15:00 GMT

CVE-2025-50369 - PHPGurukul Medical Card Generation System CSRF Vulnerability

Fri, 27 Jun 2025 16:15:00 GMT

CVE-2025-50370 - Phpgurukul Medical Card Generation System CSRF Vulnerability

Fri, 27 Jun 2025 16:15:00 GMT

CVE-2024-11739 - Case Informatics Case ERP SQL Injection

Fri, 27 Jun 2025 16:15:00 GMT

CVE-2025-50367 - PhpGurukul Medical Card Generation System Stored Blind XSS

Fri, 27 Jun 2025 16:15:00 GMT

CVE-2025-6705 - Microsoft Azure DevOps Open-VSX Unauthorized Build Script Execution Vulnerability

Fri, 27 Jun 2025 15:15:00 GMT

CVE-2023-38007 - IBM Cloud Pak System HTML Injection Vulnerability

Fri, 27 Jun 2025 15:15:00 GMT

CVE-2025-52553 - Authentik RAC Token Session Hijacking Vulnerability

Fri, 27 Jun 2025 15:15:00 GMT

CVE-2025-53091 - WeGIA Time-Based Blind SQL Injection

Fri, 27 Jun 2025 15:15:00 GMT

CVE-2025-53338 - Re.place CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53339 - Devnex Addons For Elementor PHP Remote File Inclusion Vulnerability

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-6768 - Sfturing Hosp_Order SQL Injection Vulnerability

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53332 - Ethoseo Track Everything CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53336 - Abditsori My Resume Builder Stored Cross-Site Scripting

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53327 - Aioseo Multibyte Descriptions CSRF

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53329 - Szajenw Społecznościowa CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53331 - Samcharrington RSS Digest CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53310 - Funnnny HidePost CSRF Reflected XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53311 - Navayan Subscribe CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53312 - OnionBuzz Looks Awesome CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53313 - Twitch TV Embed Suite CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53314 - Sh1zen WP Optimizer CSRF-Enabled SQL Injection

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53315 - Alanft Relocate Upload CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53317 - AcmeeDesign WPShapere Lite CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53318 - WPManiax WP DB Booster Missing Authorization Vulnerability

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53320 - Wp Enhanced Free Downloads EDD Cross-site Scripting

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53321 - Raise The Money Cross-Site Scripting

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53322 - ZealousWeb Contact Form 7 Information Disclosure Vulnerability

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53323 - Danbriapps Pre-Publish Post Checklist Missing Authorization

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53325 - Dilip Kumar Beauty Contact Popup Form Stored Cross-site Scripting Vulnerability

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53305 - Lucidcrew WP Forum Server CSRF Stored XSS

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53306 - Lucidcrew WP Forum Server SQL Injection

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53308 - Gopi_plus Image Slider Stored XSS CSRF

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-53309 - ZealousWeb Contact Form 7 Information Disclosure

Fri, 27 Jun 2025 14:15:00 GMT

CVE-2025-40910 - Apache Net::IP::LPM Leading Zero IP Address Bypass Vulnerability

Fri, 27 Jun 2025 13:15:00 GMT

CVE-2025-53018 - Lychee Server-Side Request Forgery (SSRF) Vulnerability

Fri, 27 Jun 2025 13:15:00 GMT

CVE-2025-6766 - Apache sfturing SQL Injection Vulnerability

Fri, 27 Jun 2025 13:15:00 GMT

CVE-2025-6767 - Oracle SFTuring SQL Injection Vulnerability

Fri, 27 Jun 2025 13:15:00 GMT

CVE-2025-52774 - Infility Global Cross-site Scripting

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52778 - Michel xili-dictionary Cross-site Scripting

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52799 - Designthemes LMS Cross-site Scripting (XSS)

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52808 - RealtyElite PHP RFI Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52809 - John Russell National Weather Service Alerts PHP Local File Inclusion

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52810 - TMRW-studio Katerio Magazine Path Traversal PHP Local File Inclusion Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52811 - Creanncy Davenport Path Traversal PHP Local File Inclusion Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52812 - ApusWP Domnoo PHP Local File Inclusion Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52814 - Ovatheme BRW PHP RFI Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52815 - AncoraThemes CityGov PHP Remote File Inclusion Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52816 - Themehunk Zita PHP Remote File Inclusion Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52817 - ZealousWeb Abandoned Contact Form 7 Missing Authorization Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52818 - Trusty Whistleblowing Missing Authorization Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52824 - MDJM Mobile DJ Manager Missing Authorization Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52826 - UXPER Sala Object Injection Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52827 - UXPER Nuss Untrusted Data Deserialization Object Injection

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52829 - DirectIQ Email Marketing SQL Injection

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-52834 - Favethemes Homey SQL Injection

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-6762 - Diyhi BBS Server-Side Request Forgery (SSRF) Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-6763 - Comet System Web-based Management Interface Missing Authentication Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-6765 - Intelbras InControl Remote File Permission Bypass Vulnerability

Fri, 27 Jun 2025 12:15:00 GMT

CVE-2025-6761 - Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine Template Engine Injection Vulnerability

Fri, 27 Jun 2025 11:15:00 GMT

CVE-2025-5398 - Ninja Forms Stored Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 10:15:00 GMT

CVE-2024-12827 - WordPress DWT Directory Listing Theme Privilege Escalation Vulnerability

Fri, 27 Jun 2025 09:15:00 GMT

CVE-2025-2940 - WordPress Easy Data Table Builder SSRF

Fri, 27 Jun 2025 09:15:00 GMT

CVE-2025-4587 - WordPress A/B Testing Stored Cross-Site Scripting

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-5306 - Pandora FMS Command Injection Vulnerability

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-5936 - WordPress VR Calendar CSRF

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-5940 - Osom Blocks - WordPress Stored Cross-Site Scripting

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-6550 - Elementor Pack Stored Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-6688 - WordPress Simple Payment Authentication Bypass

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-6689 - FL3R Accessibility Suite Plugin Stored XSS Vulnerability

Fri, 27 Jun 2025 08:15:00 GMT

CVE-2025-36529 - TB-Eye Command Injection Vulnerability

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-41418 - TB-eye Network Recorders/AHD Recorders Buffer Overflow Vulnerability

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-5035 - Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-5093 - WordPress Responsive Lightbox Gallery Stored Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-5194 - WordPress Map Block Stored Cross-Site Scripting

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-5526 - BuddyPress Docs Information Disclosure Vulnerability

Fri, 27 Jun 2025 06:15:00 GMT

CVE-2025-45737 - NetEase NeacSafe64 Elevation of Privilege

Fri, 27 Jun 2025 05:15:00 GMT

CVE-2025-6488 - WordPress isMobile Stored Cross-Site Scripting Vulnerability

Fri, 27 Jun 2025 05:15:00 GMT

CVE-2025-6753 - Huija BicycleSharingServer SQL Injection Vulnerability

Fri, 27 Jun 2025 05:15:00 GMT

CVE-2025-6752 - Linksys UPnP Stack-Based Buffer Overflow Vulnerability

Fri, 27 Jun 2025 04:16:00 GMT

CVE-2025-53164 - Apache HTTP Server Command Injection

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53165 - Apache HTTP Server Cross-Site Request Forgery

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53166 - Apache HTTP Server Cross-Site Scripting

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-6751 - Linksys E8450 HTTP POST Request Handler Buffer Overflow

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53162 - Apache HTTP Server Denial of Service

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53163 - Apache HTTP Server Arbitrary File Download

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53157 - Apache HTTP Server Cross-Site Request Forgery

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53158 - Apache HTTP Server Unvalidated User Input

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53159 - Apache HTTP Server Cross-Site Request Forgery

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53160 - Apache HTTP Server SQL Injection

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-53161 - VMware Network Policy Vulnerability: Denial of Service

Fri, 27 Jun 2025 04:15:00 GMT

CVE-2025-47822 - Flock Safety LPR Improper Access Control Vulnerability

Fri, 27 Jun 2025 03:15:00 GMT

CVE-2025-47823 - Flock Safety LPR Hardcoded Password Vulnerability

Fri, 27 Jun 2025 03:15:00 GMT

CVE-2025-47824 - Flock Safety LPR Cleartext Code Storage Vulnerability

Fri, 27 Jun 2025 03:15:00 GMT

CVE-2025-6750 - HDF5 Heap-Based Buffer Overflow Vulnerability

Fri, 27 Jun 2025 03:15:00 GMT

CVE-2025-47821 - Flock Safety Gunshot Detection Device Hardcoded Password Vulnerability

Fri, 27 Jun 2025 03:15:00 GMT

CVE-2025-47818 - Flock Safety Gunshot Detection HTTP Server Unauthenticated Access

Fri, 27 Jun 2025 02:15:00 GMT

CVE-2025-47819 - Flock Safety Gunshot Detection Debug Interface Unauthorized Access Vulnerability

Fri, 27 Jun 2025 02:15:00 GMT

CVE-2025-47820 - Flock Safety Gunshot Detection Devices Cleartext Code Storage Vulnerability

Fri, 27 Jun 2025 02:15:00 GMT

CVE-2025-6748 - Airtel Thanks App Cleartext Storage Vulnerability

Fri, 27 Jun 2025 02:15:00 GMT

CVE-2025-6749 - Huija bicycleSharingServer SQL Injection Vulnerability

Fri, 27 Jun 2025 02:15:00 GMT

CVE-2024-3511 - WSO2 Registry Unauthorized File Access Vulnerability

Mon, 23 Jun 2025 09:15:00 GMT

CVE-2025-6502 - Code-projects Inventory Management System SQL Injection Critical Vulnerability

Mon, 23 Jun 2025 04:15:00 GMT

CVE-2025-6503 - Code-projects Inventory Management System SQL Injection

Mon, 23 Jun 2025 04:15:00 GMT

CVE-2025-6499 - Apache vstakhov libucl Heap-Based Buffer Overflow

Mon, 23 Jun 2025 03:15:00 GMT

CVE-2025-6500 - Code-projects Inventory Management System SQL Injection

Mon, 23 Jun 2025 03:15:00 GMT

CVE-2025-6501 - Apache Code-projects Inventory Management System SQL Injection

Mon, 23 Jun 2025 03:15:00 GMT

CVE-2025-6498 - HTACG Tidy-HTML5 Memory Leak Vulnerability

Mon, 23 Jun 2025 02:15:00 GMT

CVE-2025-52926 - Spytrap-ADB Stalkerware Detection UI Vulnerability

Mon, 23 Jun 2025 01:15:00 GMT

CVE-2025-6497 - HTACG Tidy-html5 Assertion Vulnerability

Mon, 23 Jun 2025 01:15:00 GMT

CVE-2025-6496 - Apache Tidy Null Pointer Dereference Vulnerability

Mon, 23 Jun 2025 00:15:00 GMT

CVE-2025-6494 - Nokogiri Heap-Based Buffer Overflow Vulnerability

Sun, 22 Jun 2025 23:15:00 GMT

CVE-2025-6493 - CodeMirror Markdown Mode Regular Expression Complexity Remote Vulnerability

Sun, 22 Jun 2025 22:15:00 GMT

CVE-2025-6492 - MarkText Regular Expression Complexity Remote Vulnerability

Sun, 22 Jun 2025 20:15:00 GMT

CVE-2025-6489 - iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

Sun, 22 Jun 2025 19:15:00 GMT

CVE-2025-6490 - Nokogiri Heap-Based Buffer Overflow Vulnerability

Sun, 22 Jun 2025 19:15:00 GMT

CVE-2025-6486 - TOTOLINK A3002R Stack-Based Buffer Overflow Vulnerability

Sun, 22 Jun 2025 18:15:00 GMT

CVE-2025-6487 - TOTOLINK A3002R Stack-Based Buffer Overflow

Sun, 22 Jun 2025 18:15:00 GMT

CVE-2025-6484 - Code-projects Online Shopping Store SQL Injection

Sun, 22 Jun 2025 17:15:00 GMT

CVE-2025-6485 - TOTOLINK A3002R OS Command Injection Vulnerability

Sun, 22 Jun 2025 17:15:00 GMT

CVE-2025-6482 - Simple Pizza Ordering System SQL Injection Vulnerability

Sun, 22 Jun 2025 16:15:00 GMT

CVE-2025-6483 - Simple Pizza Ordering System SQL Injection Vulnerability

Sun, 22 Jun 2025 16:15:00 GMT

CVE-2025-6480 - Apache Code-Projects Simple Pizza Ordering System SQL Injection Vulnerability

Sun, 22 Jun 2025 15:15:00 GMT

CVE-2025-6481 - Simple Pizza Ordering System SQL Injection Vulnerability

Sun, 22 Jun 2025 15:15:00 GMT

CVE-2025-6478 - CodeAstro Expense Management System CSRF

Sun, 22 Jun 2025 14:15:00 GMT

CVE-2025-6479 - Simple Pizza Ordering System SQL Injection

Sun, 22 Jun 2025 14:15:00 GMT

Data leak at Disneyland

Sat Jun 21 2025 02:00:00 GMT+0200 (Central European Summer Time)

Publication of the 4th edition of the Observatoire des métiers 2025

Mon, 09 Jun 2025 19:56:00 GMT

Meet ANSSI at VivaTechnology 2025!

Fri, 06 Jun 2025 07:25:00 GMT

A look back at the webinar "How to obtain the ExpertCyber label?"

Thu, 05 Jun 2025 12:02:00 GMT

Summer sales: 7 tips to avoid cyber scams

Thu, 05 Jun 2025 09:00:00 GMT

Cybermois 2025

Thu, 05 Jun 2025 01:11:00 GMT

"Histoire de Cyber": get involved in Cybermois 2025

Thu, 05 Jun 2025 01:09:00 GMT

Cybermois 2025: communication kit

Thu, 05 Jun 2025 01:05:00 GMT

Ransomware: what to do? (individuals)

Tue, 03 Jun 2025 11:38:00 GMT

Data leak at Kaviari

Tue Jun 03 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Autosur

Mon May 26 2025 02:00:00 GMT+0200 (Central European Summer Time)

A look back at ANSSI's participation in the 2025 edition of Locked Shields

Wed, 14 May 2025 08:02:00 GMT

Data leak at Pulsy

Tue May 13 2025 02:00:00 GMT+0200 (Central European Summer Time)

The syzygy distinguisher wins best paper award

Mon, 05 May 2025 11:43:00 GMT

Data leak at Cerballiance

Wed Apr 30 2025 02:00:00 GMT+0200 (Central European Summer Time)

The France Cybersecurity Challenge comes to a close

Mon, 28 Apr 2025 13:43:00 GMT

Review of the cybersecurity component of France Relance: a challenge met

Mon, 28 Apr 2025 10:10:00 GMT

Data leak at Carrefour Mobile

Thu Apr 24 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Easy Cash

Tue Apr 22 2025 02:00:00 GMT+0200 (Central European Summer Time)

The France Cybersecurity Challenge (FCSC) starts today!

Mon, 21 Apr 2025 07:04:00 GMT

Data leak at Indigo

Fri Apr 18 2025 02:00:00 GMT+0200 (Central European Summer Time)

State of the cyber threat to the urban transport sector

Thu, 17 Apr 2025 07:37:00 GMT

ANSSI publishes its incident remediation guides in English

Wed, 16 Apr 2025 12:39:00 GMT

ANSSI publishes its 2024 activity report

Tue, 15 Apr 2025 07:43:00 GMT

Data leak at Hertz

Tue Apr 15 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Harvest

Fri Apr 11 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at UTWIN

Mon Apr 07 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Reporterre

Tue Apr 01 2025 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at MAIF BPCE

Fri Mar 28 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Oracle Cloud

Thu Mar 27 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Centrale Nantes

Wed Mar 26 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Cerballiance

Tue Mar 25 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Autosur Diagnosur

Mon Mar 24 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Intersport

Thu Mar 20 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Direct Assurance

Tue Mar 18 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Laforêt

Thu Mar 13 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at UTwin

Wed Mar 05 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at La Poste

Tue Mar 04 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at École Nationale de la Sécurité

Fri Feb 28 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Nord Emploi

Wed Feb 26 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Fédération Française de Foot

Fri Feb 21 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Service Départemental d'Incendie et de Secours de la Vienne

Wed Feb 19 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Sport Découverte

Mon Feb 17 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Mutuelle des motards

Thu Feb 13 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Chronopost

Wed Feb 12 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at King Jouet

Tue Feb 11 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Espace-Recettes.fr Vorwerk

Thu Feb 06 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at AIDES

Mon Jan 27 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at E.Leclerc

Fri Jan 24 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Fédération Française de la montagne et de l'escalade

Thu Jan 23 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Fédération Française de tir à l'arc

Mon Jan 20 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Kiabi

Tue Jan 14 2025 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Cogitis

Tue Dec 31 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Atos

Mon Dec 30 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Arsoé

Fri Dec 27 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Peugeot

Thu Dec 26 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Cyberhaven

Wed Dec 25 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Wakanim

Fri Dec 20 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Top Achat

Thu Dec 12 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at LDLC

Tue Dec 10 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Deloitte

Wed Dec 04 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Guy Demarle

Tue Dec 03 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Norauto

Mon Dec 02 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Ze Camping

Wed Nov 27 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at JVS

Tue Nov 26 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at SFR

Sun Nov 24 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Banque de France

Sat Nov 23 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Compagnie de Transport Strasbourgeoise

Fri Nov 22 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Chambres d’agriculture

Thu Nov 21 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Auchan

Tue Nov 19 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Le Point

Mon Nov 18 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Huttopia

Thu Nov 14 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Molotov

Wed Nov 13 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Picard

Tue Nov 12 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Free Mobile

Fri Oct 25 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Ornikar

Thu Oct 24 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Meilleurtaux

Mon Sep 30 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at RED by SFR

Wed Sep 18 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Assurance retraite

Fri Sep 13 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Cybertek

Thu Sep 12 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Cultura

Tue Sep 10 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Boulanger

Sat Sep 07 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Ticketmaster

Sun Apr 28 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at Le Slip Français

Mon Apr 15 2024 02:00:00 GMT+0200 (Central European Summer Time)

Data leak at France Travail

Fri Mar 08 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at LDLC

Fri Mar 01 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Almerys, Viamedis

Tue Feb 06 2024 01:00:00 GMT+0100 (Central European Standard Time)

Data leak at Dailymotion

Sat Oct 01 2016 02:00:00 GMT+0200 (Central European Summer Time)